2FA on WebNotes

How to enable device lock on the Kite app

Sat, 20 Jun 2026 00:00:00 +0000

Device lock on the Kite app is your phone’s own screen lock, a PIN, pattern, fingerprint, or Face ID, that Kite uses as the second authentication factor when you log in. It is not a separate code you type into the app and it is not optional: device lock for Kite app login has been mandatory since 23 September 2022, because it satisfies the requirement set by the Securities and Exchange Board of India (SEBI ) for two-factor authentication (2FA) on trading-app login. Your lock data stays on your phone; Zerodha does not store it.

Kite app code: what it is and how it works as a login factor

Sat, 20 Jun 2026 00:00:00 +0000

The Kite app code is a six-digit time-based one-time password (TOTP) generated inside Zerodha’s Kite mobile app that you type into Kite web as the second factor of a two-factor login. After you enter your user ID and password on Kite web, the app shows a code that is valid for 30 seconds; entering it completes the login. Zerodha documents this as the default second factor for clients who have the Kite mobile app and have not switched to an external authenticator.

How to reset 2FA on Zerodha

Tue, 12 May 2026 00:00:00 +0000

Zerodha requires two-factor authentication (2FA) for all Kite logins. The two options are:

TOTP (Time-based One-Time Password): generated by an authenticator app on your phone (Google Authenticator, Authy, Microsoft Authenticator, or any RFC 6238-compliant app).
SMS OTP: a 6-digit code sent to the mobile number registered with Zerodha.

A 2FA reset is needed when you lose access to your authenticator app (phone replaced, app deleted, app data lost) or when the TOTP codes generated by the app no longer match the expected codes (time-sync issue).