SMS OTP on WebNotes

How to disable TOTP on Zerodha Kite

Sat, 20 Jun 2026 00:00:00 +0000

To disable TOTP on Zerodha Kite , log in, open My profile then Password & security, click Disable external TOTP, enter your Kite login password, and click Disable; the account then reverts to the SMS OTP as its second factor. You cannot switch the second factor off entirely, because two-factor authentication on a trading login is mandated by the exchanges and SEBI.

This is the point most people miss. “Disable TOTP” does not mean “log in with just a password.” It means swap the time-based app code back for the text-message code. One second factor always remains. Zerodha’s support pages are explicit that the OTP step at login cannot be eliminated, only changed in form.

How to log in to Zerodha when your mobile is lost

Sat, 20 Jun 2026 00:00:00 +0000

If your registered mobile is lost, you regain Kite access by switching your second factor from SMS OTP to a TOTP authenticator app, which generates the 6-digit login code on any device without an SMS. SMS-based two-factor authentication depends on the SIM in your hand; a lost phone breaks it. The fix is a TOTP authenticator , set up during a password reset that you verify by email rather than SMS. This guide walks that reset-and-switch flow, the change-of-mobile route to restore your number, and the harder case where both your mobile and email are gone.

How to remove the temporary OTP on Kite

Sat, 20 Jun 2026 00:00:00 +0000

You cannot remove the temporary OTP step on Zerodha Kite , because NSE and SEBI require a second authentication factor on every trading login; what you can do is switch the temporary OTP from an SMS-delivered code to an authenticator-generated TOTP , under My profile then Password & security. The OTP step itself is mandatory and stays; only its form is yours to choose.

The phrase “temporary OTP” describes the time-limited one-time password Kite asks for after your password at each login. It is temporary in the literal sense: each code is valid for a short window, about 30 seconds for an authenticator code, then expires. People searching to “remove” it usually mean one of two things: they want to stop the SMS-delivered OTP and use something smoother, or Zerodha issued them a one-off temporary access after a lockout and they want to know how to get back to a normal login. This guide covers both.

Kite app code vs external TOTP vs SMS OTP: which second factor to use

Sat, 20 Jun 2026 00:00:00 +0000

Kite offers three ways to satisfy the second factor of a two-factor login: the in-app app code, an external authenticator TOTP, and SMS OTP. An external authenticator TOTP is the most secure and most reliable of the three, because it computes codes offline, removes the SIM and the telecom network from the attack surface, and lets you log in to Kite web without opening the Kite mobile app. The in-app app code is a solid default; SMS OTP is the weakest link and is best treated as a fallback only.