Mandatory TOTP for illiquid risky contracts

June 9, 2020

There has been a sudden increase in online phishing frauds in India post the lockdown. Check this post to know more about the phishing scam you couple fall prey to when investing in the markets.

The phishing scam

Fraudsters set up phishing (fake) websites that mimic the look and feel of the login pages of the trading platform offered by large stock brokers. These websites are then sent out to unsuspecting investors via SMS messages, e-mails, and social media with contact data stolen from various sources.

Unsuspecting investors then happen to click on these links which lead to fake websites that mimic the login pages of the trading platforms they are used to, where they enter their login credentials (username, password, PIN, and other bits of information). This is captured by the fraudsters, which they then use to login to the investor’s trading account to execute buy/sell transactions on illiquid scammy penny stocks or illiquid options contracts, generating a loss on the compromised account and a profit in theirs (counterparty to the scam orders). There are also many cases where scammy penny stocks are bought in customer accounts at a high price, shares that cannot be sold on the market as there would be no buyers.

As a temporary fix, we had blocked trading by default in all illiquid risky contracts — stocks and options, and allowed trading in them only on specific instruction from the customer through the registered email address. We now have a permanent solution to this.

Mandatory TOTP when trading illiquid risky contracts

As a solution, we could potentially have made it mandatory for all our users to use a mobile or email OTP to login to Kite. But there is no guarantee that these OTPs are delivered on time. Since we’re in the business of trading where time is critical, we couldn’t take this chance, and so decided to use TOTP (explained below). Instead of asking mobile or email OTP on every login, we have made it mandatory to login using a TOTP if you want to trade in any risky scrips. We classify a scrip as “risky” if they are illiquid and can be used by fraudsters to create artificial losses in your account.

If you haven’t logged into Kite using TOTP and are trying to trade in these illiquid risky scrips, such orders will be rejected and the rejection message will ask you to set up TOTP to place the order. Setting up TOTP is a one-time task that adds security to your account. Then you simply need to login using this TOTP every day and will be allowed to place trades.

What is TOTP?

TOTP stands for “time-based one-time password”. Unlike a traditional OTP that is delivered to you via email or SMS, a TOTP is generated by a TOTP app that is already on your phone. This TOTP is valid only for a short duration (usually 30 seconds) and is regenerated every 30 seconds. Read below to learn how to set up TOTP to login on Kite.

How to setup TOTP?

Important: You will need to login on Kite web to set up TOTP. Once you set it up, you can login using this TOTP on web as well as mobile.

You can use apps like Google® Authenticator, Microsoft® Authenticator, or Authy on your mobile phone to generate 6-digit TOTPs for every login. The procedure to set it up is as follows:

  1. Log into Kite, and click on your client ID on the top right-hand corner of the page and select ‘My Profile’ from the drop-down.
  2. Click on ‘Password & Security’
  3. Once you do, click on ‘Enable 2-step TOTP’
  4. Enter the OTP received on your registered email ID.
  5. Install Google® Authenticator (or Microsoft® Authenticator or Authy) on your phone. You can find this on the Play Store or iOs App Store.
  6. Select ‘Scan a barcode’ under the add account option and click on ‘Begin’.
  7. Allow access to your phone camera, and scan the bar code shown on the profile page on Kite. Once you scan it, the account will be added on your authenticator app. Alternatively, you can also copy the key (available below the QR code) and use it to add your account to the authenticator app. Enter the OTP shown on the app on Kite along with your password and click on ‘Enable’.
  8. Once you click on ‘Enable’ you’ll get a notification confirming the TOTP set up.
  9. You will have to enter the TOTP shown on your authenticator app instead of PIN from the next login onward.

What if you lose your phone or TOTP app?

If you lose your phone or are unable to access your TOTP app for any reason but need to log into your account, click on the “Forgot password” or “Forgot 2FA” link on the password or TOTP entry page and reset your account by following the steps explained here. This will remove TOTP authentication for your account and you will need to set it up again to trade risky illiquid scrips.

India's largest broker trusted by 1.3+ crore investors.

Post a comment

  1. Amit says:

    TOTP best feature security wise.Thanks
    OTP/Pass not so great,Really embarrassing to see that most of other brokers/companies still have basic security features when every day we get phishing msgs by sms.

  2. Kundan says:

    मैं साधना का शेयर लेना चाहता हूं मगर खरीदा नहीं जा रहा है क्यों

    • Shubham says:

      Hey Kundan, SADHNA is at the upper circuit price for the day, which means there are no sellers. Buy order will remain pending until filled. More here.

  3. Neeraj Sharma says:

    I find it strange on zerodha that I can only buy certain scrips but can’t sell them on the same day even if Iam in profit..why these restrictions hampers normal trading activity..finding it difficult to trade with freedom on zerodha

    • Shubham says:

      Hey Neeraj, looks like you’re buying stocks that are in the trade-to-trade segment. Stocks in this segment can only be sold after T+2 working days when they are credited to your demat account. Intraday and BTST trades are not allowed.

      For further assistance, please create a ticket at Our team will check and have this clarified.

  4. Rajkumar says:

    My ac active to totp

  5. Anurag soni says:


  6. JAI BHEEM says:

    I’m unable to create TOTP enable currently it’s showing disabled and therefore not able to trade in stocks especially those restricted for ASM/ GSM requirements by NSE. I have followed all steps instructed within the Kite App for Authentication with the Authenticator App Authy. AUTHY is working and generating Passwords frequently with timer but TOTP enabling process becomes fail every time with OTP invalid message. This is really disappointing. Please help in this connection. Thanks, Jai Bheem

    • Shubham says:

      Hey, TOTP authentication may fail if the clock on your device is out of sync. You can correct the clock time by selecting the ‘use network-provided time’ option in your device settings as explained here.

  7. Ajay kumar goswami says:


  8. Vijay prajapati says:


  9. Abhikant says:


  10. Pankaj says:

    you have number of flags , flashing on stocks in wathlist ( Holdings, events, etc.. ) , why don’t you flash a flag on stocks requiring TOTP ?

  11. Mahesh says:

    5000 stock

  12. Ramkishan Kadam says:


  13. Riyaz umadiya says:

    February 26 2022 at 9:46 am

    I don’t bay this share darshan orna please open

  14. Pankaj kumar rawani says:

    I don’t bay this share

  15. Mayur khiladkar says:


  16. Chaitanya N S says:

    I am opening another account with a different broker just to overcome this stupidity by Zerodha.

  17. Ankur Jaiswal says:

    What is the name of App Authenticator for Iphones/Ios ?
    Like as you have google authenticator for android users?

  18. veneetjoshi says:

    Hi Team,

    My query is if i lost my phone and reissuing will take some time.How I can login my account.


  19. Bablu saroj says:


  20. Dinesh Mhaske says:


  21. Sanjay Verma says:

    Unable to buy upper circuit stocjk

    • Shruthi R says:

      Hey Sanjay, if the price hits the upper circuit limit then all the orders will remain pending as bids at upper circut and there will be no sellers or offers in the market for that stock.

  22. JPC258 says:

    Activate my demat account activate TOTP

    • Shruthi R says:

      Hey Prashant, could you please share your registered contact details at so that our team can check and assist? We’ve explained how you can setup TOTP in the article above. In case you face any issues then please let us know via the ticket so that our team can assist you.

  23. Ramsingh says:

    I active pennybstock

  24. GAURAV Kumar says:

    TOTP activate my demat account activate TOTP

  25. Namwar singh says:

    In other demat account is not also stop this.
    Please enable TOTP

  26. Kundan Dilip Nawtre says:


  27. Hariom Yadav says:

    How do you Amo buy

    • Shubham says:

      Hey Hariom, enabling TOTP is a one-time process, once enabled, you just need to login to your account using TOTP and place the orders like you normally do. You can check out the process for placing AMO orders here.

  28. Ajay Singh Yadav says:


    Why do you ask me not to buy

  29. Ashutosh Pandey says:

    In other demat accounts it is not required. You also stop this.

  30. raship shah says:

    this is illegal
    sebi has not advised or restricted any of this.
    you can not set is as MANDATORY. this is illegal by zerodha

  31. G krishnaveni says:


  32. G krishnaveni says:

    No comm

  33. P Narasimha Rao says:

    I am a Sr Citizen and not an young person. The procedure listed for TOTP is highly complicated, cumbersome and very elaborate procedure to set up the TOTP. Further there is a confusion as to whether it will work with Laptop or not. Many people expressed their opinion that this Risk Avoidance Measure is an unnecessary procedure after two way check for logging into Kite Platform. Already for existing shares in our account, you people insist to setup TOTP for buying of those addl. existing shares, which is a highly cumbersome procedure for installing and operating it. Already there are problems in Kite, for selling we have to get the PIN and enter from CSDL. Added to that trouble, you created one more layer of uncalled for security measure. Instead of buying and selling the shares on Zeroda it is better to do those GSM List shares with other brokers.

  34. Rathava navinbhai says:

    Use of penny stock

  35. Rathava navinbhai says:

    Very good shares

  36. Daksh says:

    Use of penny stock

  37. Nadeem says:

    Mujhe ye sher cahiye hai

  38. Bharatbhai Chandulal Patel says:

    Even after enabling TOTP, & have log in by using totp, I am getting the following error:
    Selling is restricted in as this is an illiquid scrip. If you wish to buy, enable TOTP on your account and login to place the order. My 18 shares bought at ₹646.73 have fallen by ₹20 showing huge loss of ₹360 +…. So solve my problem.

  39. Bharatbhai Chandulal Patel says:

    Sir I am in tremendous stress… If my share is not sold….. Would my loss reach eroding full value (₹11000)…..😱😱🥵

  40. Bharatbhai Chandulal Patel says:

    Sir on 14th oct 21, I had purchased 18 shares of JBM Auto @646 at 11 hours. Price of share started fallen immediately, waited for 15 minutes & price dropped by ₹ 5 – 10 I 5 – 20 & suddenly it showed huge loss. I immediately decided to exit but request was rejected suggesting create Totp. Couldn’t succeed to create totp & therefore couldn’t sell the stop & store is now showing holding showing loss of ₹500+. After great efforts succeeded to create totp but still not able to sell & again suggesting to create totp. Today market is closed so sell request should be rejected on the ground of market closed. But to my utter shock.,even after I logged in by using totp, my request to sell is showing rejected on the ground of totp. I don’t know what will happen on Monday?. How to sell this share & get rid from increasing loss of value of share?. Sir please bail me out from this situation & oblige.

  41. Dinesh Bhagwan Koli says:

    Open and trade now


  42. Dinesh Bhagwan Koli says:


  43. Narsi says:

    Totp account

  44. Ganesh palwe says:

    Open and trade now

  45. Prashant patil says:

    I bought illiquid stock by mistake .how to exit position please help me.

  46. Ranjan chugh says:

    I bought illiquid stock by mistake .how to exit position please help me.


    I want to buy this share i take all risk

  48. Abhinav Kumar says:

    TOTP enabled but still not able to execute illiquid trades

  49. Vaibhav thombe says:

    I want to buy SGL why it restricted

  50. Nitin says:

    Not use for shears

  51. Chandrakant Marde says:

    INDINFO sears Buy

  52. Arjun Singh says:


  53. Piyush Jain says:


  54. Roy says:

    This is Horrible & troublesome xperience for Zerodha customers,does not happen in any other Demat a/c like Geojit and all i beleive.
    Y add seperate security level…unable to buy many stocks…making me frustrated..
    planning to switch over/buy in ICICI or Geojit i hold,beeter remove it..anyway buy/sell is under the discretion of the client

  55. Krishna says:

    Even after enabling TOTP, I am getting the following error:
    Buying is restricted in as this is an illiquid scrip. If you wish to buy, enable TOTP on your account and login to place the order.
    Can you please help me with this.

  56. shetty svs says:

    honestly anything cheap is cheap.this zerodha also .
    better have one good broker.i use icici.i have zerodha for small trades. can not belive these is utterly nonsense this totp.dont have much cash in this type brokerage.dont forget day you may loose everything.

  57. pradip tambe says:

    which apps use for totp authenticator in iphone?
    please suggest, i have lost of problem in trading zerodha kite apps.
    please can u solve problem to avoid this problem.

  58. Tineshkumar says:

    Totp solution my zerodha account

  59. Santosh says:

    Hi, can we have TOTP (two factor authorisation) based on SMS (which is not dependent on particular hardware device even if we change our phone) instead of adding one more apps in our phone just for similar need via authenticator apps.

  60. Tauqeer Ahmad Abdul Aziz says:

    I want to Buy this share I’ll take all risk

  61. shadulla shaikh says:

    how to buy GSM STAGE 2 penny stock

  62. Bhavin Patel says:

    I have already activated TOTP but still I am not allowed to do intraday trade in some of the illiquid stocks. Why?

  63. Sirvan samsher says:

    I want to buy this share i take all risk

  64. Rj says:

    I just opened account with Zerodha and already considering closing it for forcing TOTP. What a waste of time with opening account and now TOPT.

  65. Joe says:

    I have TOTP enabled, however, While making a purchase through, it is failing with error “
    Please enable TOTP to place orders for IFGLEXPOR, VAIBHAVGBL as these stocks are in ASM and GSM category set by the exchange.”

    • Matti says:

      This seems to be an issue on smallcase’s end. Please get in touch with smallcase support for help.

  66. Praveen Chaudhary says:

    I have changed my mobile and need to log in to Kite but how to do it.

  67. Mohammed Nawaz pasha says:

    Sir topt is not open please lam not have bar code please call me castomer care me Id IW2318 phone number is 8453873262

  68. shiv says:

    after going through all conversation it looks like TOTP is a mess.Please advice how to avoid TOTP to sell the penny stocks as you have not given any warning of such mess while selling.Basically Zirodha should have 2 options.
    2.Ticking a declaration by the seller that I am responsible for any hacking of my account .
    Making TOTP a must is not the solution

  69. Tanay says:

    While I have opted for the TOTP authentication for my account, and somehow I lose my phone on which the third party Authenticator is installed in that scenario how do you suggest to log into my account.
    The third party Authenticators does not require any sign in and so it would be impossible to download the app on another device and get the TOTP for the registered Zerodha account.

  70. Balvant Kumar bnhasuklal chapadiya says:

    Toto problem

  71. Ali says:

    Pin is 4 letters while totp is six , so it does not accept

  72. VK Shenoy says:

    In one of my accounts with Zerodha, I need to log into the account only with TOTP and Not with the Pin, Whereas in my other account I can log into the account with a pin, and sometimes I asked to log with TOTP
    Can you please explain the reason for the same?

  73. VK Shenoy says:

    In one of my accounts with Zerodha, I need to log into the account only with TOTP and Not with the Pin, Whereas in my other account I can log into the account with a pin, and sometimes I need to enter TOTP for buy or sell orders.
    Can you please explain why it is so?

  74. Pravin says:

    Yesterday ihv purchased illiquid stock, cn i sell today, plreply immediately

  75. Parth Rana says:

    Pl send TOTP no

  76. Parth Rana says:

    Pl send totp no.

  77. Ayan says:


    I logged in using totp but unable to buy illiquid security. What is the reason?
    Please fix this asap.

  78. Rajesh S says:

    I hate anything (mostly, as much as I can) from google and microsoft, including android n windows
    n also I avoid installing apps like popping a paracetamol fr evry minor sicknesses !

    bcos google hv misused capabilities of Linux through android, I strongly disagree to instal apps which r 99% idle n just used fr purpose like otp generation (I m telling this to justify my comments), instead, I prefer web apps, use it n cls it

    but I wil chk n abt it n thn only wil involve any 3rd party in my activities… even if it means tht I cant buy few scrips, no problm

    btw @zerodha, I agree wth othr usrs tht broker shldnt b a regulatory, evn if u implement totp or whtevr, ppl still wil b tempted n they wil buy penny stocks, aftr using totp… just see hw many r thr asking clarifications above abt using totp. this itself shows it is not going to b effective. topt wil only add discomfort to gd usrs…

    . . . n sry fr short eng !!! it saves time ;-D

  79. Gh says:

    Why does it give invalid totp error..omg…soo frustrating

  80. Binoj Thomas says:

    I want to activate 2 factor-TOTP, however the system gives invalid TOTP error whenever i enter six digit TOTP received from the Google Authenticator. I made many attempts to enable it, but it always gave an error message ” Invalid TOTP, try again.

    Please support me to solve this issue.

  81. Chandralatha says:

    I find this TOTP very inconvenient.

    How to go back to PIN from TOTP ?

  82. Ganesh says:

    I have totp no

  83. Madhav Deshmukh says:

    It’s topt… The system auto corrects.. can anyone explain..

  84. Madhav Deshmukh says:

    Toot is a stupid system developed by Zerodha. It’s impossible to buy stocks which require toot.
    You are going to lose much business.. add even good stocks, not penny require to toot.
    Please simplify buying of shares
    Frustrated investor

    Dr Madhav Deshmukh

  85. Hari says:

    Firstly, Broker acting as regulator is not good by any standards or measures. You are provided brokerage license, do broking alone, don’t forget: “you don’t have regulator license”.

    Secondly, there could be easy workaround for these illiquid stocks trading. In case the order placed is profitable, let the order go through without hassle of TOTP, if not ask for the TOTP. There are many stocks(which fall beyond N200 Universe) which are illiquid, however, good quality stocks.

    Thirdly, don’t deprive end users with your illogical logic actions saying you are protecting them. Every big stock in the N200 today somewhere it started as illiquid or penny stock. By keeping them away, you are also letting them go away from early entry into tomorrow’s big stocks!

    And finally, there are no kids trading here. People should know their actions are consequence based. So stop monitoring the traders and just providing brokerage service, than become regulatory brokerage by hammering a final nail in the coffin.

  86. Akshay says:

    After purchase can i disable 2FA TOTP.

  87. Mukund ramani says:

    Tread padto nathi

  88. Murli says:

    If a investor has purchased a stock through your website without any restriction, then now why you suddenly stop him from selling it from his demat account by saying it is risky iliquid connected with sms tips etc. why should he need to use totp? why are you not allowing to rectify the situation by only allowing at sell to get get out of the penny stock? This not acceptable. will you be responsible for the fall in value and subsequent loss? if somebody wants to sell from his demat account and get out you should not block his selling since you had allowed him to buy in the first place. Atleast allow him to sell and exit not buy without this shit totp business.

  89. Madhu says:

    TOTP ……. is waste job…….Giving warnilng sign is enough for penny scipts…..why all this our ZARODHA account become difficult for operation……
    I tried number of times to place the order not successful…..

  90. Madhu says:

    It became very difficult zerodha……TOTP. The process of TOTP and google account…..all this become problem scanning QR code………..Why this? how to avoid…..It is liquidate shares giving warning message is enough for the customer….not more than that……Pl. remove the barrier…at the earliest.

  91. suraj says:

    TOTP should not make mandatory for a few stocks by Zerodha. It should be optional by putting disclaimer. I don’t have time to enter every time TOTP in the mobile app if I killed and relaunched the app. This feature not beneficial at all. should provide the option to opt-out.

  92. Yogita says:

    I enable Google authenticate but not able to place order in app.
    It is working on web.
    Also my GTT NOT TRIGER

  93. Santhosh says:

    I tried to enable TOTP, but that’s not working still. Whenever i try , getting error msg like Password incorrect though i enter correct password. Raised ticket on this issue. But there is no response from Zerodha support team. Don’t know why Zerodha doing like this

  94. shaik basha says:

    Good totp

  95. Raviraj Rao says:

    Why are you preventing us from buying penny scripts. Please remove this TOTP business. We should have freedom while selecting scripts. We are responsible for any acts done. Please dont act like police.

  96. SD says:

    Hello Nithin & team,
    It is very sad to see that our favourite broker Zerodha has stopped listening/solving some genuine problems of its customers while enforcing this compulsory TOTP features. A few examples:
    1. If you don’t have smartphone you can not invest in most of companies having Mcap less than 500 Cr.
    2. So what even if you pay a few thousand per month as brokerage your view does not matter now.
    3. If you want to invest in small cap companies than you have to let go your personal security and choice to protect your trading account and have to enable TOTP with a third party app.
    4. Zerodha will decide wich company need TOTP and put in restrictions not only NSE/BSE. There is no rationale on decision making and no publicly stated rule. How you decide which company deserve to be there or not. I can give you hundreds of example and counter example.
    5. Many more.

    Requesting you again for the fourth time Pls. dont make these feature compulsory for all. I myself had to let go a few opportunities to average some of my previous holdings. 90 percent of big companies start from a vary small. Most importantly we should not forget to listen those who hold your hand much before others did. Time may be good or bad. It will pass through.

    For many like me, must be thinking number of time because of this silly step… should we move on?… Or should I need to change the broker? in a big dillema!

    • SD says:

      Just to add, I still find Zerodha very good in terms of many other user and customer friendly innovation and initiatives it took in the past and continuously doing. But we really don’t like the compulsory implementation of TOTP (third party mobile app dependency) and trading/investing restrictions. Just make a poll your view will be opposed by more than 95%.

      I am still hopeful that Zerodha will remove these restrictions or make it optional based on thousands of feedback they received.

      People just don’t like restrictions if thay pay or ready to pay substantial amount for those services which was supposed to be available.

      I know that the investment in T2T segment stock earn Zerodha zero brokerage but restriction on it will affect many customers who also trade in f&o and earn zerodha thousands of rupees every month alongside their investment in all kind of stocks.

  97. yuvaraj says:


    I use a feature phone. How can I setup TOTP please?


  98. R.Shrikant Rao says:

    Dear Sir ,
    Today i enabled TOTP using web platform on desktop computer.But when i use kite app on smartphone(oneplus 3T)it asks to enter userid and then password and then it asks to enter TOTP on the box. To enter TOTP i have to go to google authenticator app to read the otp and when i come back to Kite app to enter otp on the box then it disappears and new page of kite app showing user id and password opens.In this way i am unable to enter otp and kite app in not opening in smartphone but opens in desktop.Please solve my problem.Thank You. R.Shrikant Rao 9425507228

  99. malQ says:

    Request “read only” non-transaction log-in option also to be able to share with Chartered Accountant for example. Many thanks.

  100. Dr. Sivasankar Kandasamy says:

    One totp daily basis or everytime we have to generate new totp for login

  101. Arvind Singh Rawat says:

    Hello Zerodha,
    Thank you for the concern to safeguard your customers against phishing attack. I have a query regarding TOTP that as i have already setup authenticator on my primary mobile but how can i use the kite app on my second mobile too. Can i do that?

  102. Sadi kumar says:

    What’s illiquid scrips

  103. NANDEESHA R P says:

    I can’t find client ID on top right as shown in your snapshot. us properly and give full/complete instructions.

    Thanking you

    • Matti says:

      What do you see on the top-right corner of Kite? It is impossible to not see the client ID there because the platform is the same for everyone. If you are looking at this on a mobile browser, please click on the round photo.

  104. Gautam kumar says:

    Hello, guys, I am using Zerodha platform since last 3 month and I have a great experience with all his platforms and easy to use and fast service in my point of view Zerodha is the best broker platform in India I only want one feature in Zerodha which is Margin in delivery if then can manage this features then it would be an Awesome thing which I get

  105. JISHNU DEBNATH says:

    Is it mandatory for fifty stocks of Nifty ?? or only to trade with penny stocks.

  106. sheik ahamed says:

    The google authenticator doesnt have any security like asking my finger print or pattern to generate otp,, anyone with my unlocked mobile can generate otp and enter into my account ?? is this really this much insecure or am I missing anything here ? when we use our pin to login, even if we lose our mobile and its unlocked they cant log in into my account without the pin,, but with this method they can generate otp and login into the kite app

  107. chida says:

    I dont use Smart phone , Only kite web ,
    i have nokia 110 phone and I dont want to upgrade

    Please Make this an Oppotioanl Requirement

    how can any of these be reasons that should prevent me from trading freely ]
    1.Already a security conscious person and never fallen for phishing frauds
    It’s not the brokers job to baby sit all customers, but just to provide a seamless service. Atleast provide an option for customers to opt out of this feature on their own like submitting an online application etc.

  108. Jindal says:

    This really is frustrating. Adding hurdles to a process which should be straightforward.

    Please make this an optional requirement. People who think they might be compromised can opt for this feature and others like me who dont want these extra steps and like a more ‘free’ experience can opt out. Making this mandatory is a bad decision.

    A few scenarios:
    1. What if I want to trade in my dads account today. I dont want to bug him in the morning by calling him and asking him to struggle with his phone to let me know the OTP
    2. What if my phone is Nokia 1100 and I dont want to upgrade OR install 3rd party apps OR phone is lost [ how can any of these be reasons that should prevent me from trading freely ]
    3. Already a security conscious person and never fallen for phishing frauds

    It’s not the brokers job to baby sit all customers, but just to provide a seamless service. Atleast provide an option for customers to opt out of this feature on their own like submitting an online application etc.

    • Ravi says:

      Yes even to check the portfolio for different family members accounts, we need to call them now and keep asking the otps. Simple task has become a problem

  109. Mohd Anees Ansari says:

    Ye feature bekaar hai. bahut log pareshan rahege isse.

  110. Indrajeet says:

    Mobile app has stopped working properly since Thursday.
    None of the Strike price of BANKNIFTY & NIFTY are showing in search option.
    Only BANKNIFTY of SEPTEMBER expiry
    are available.
    कोई भी stock सर्च नही हो पा रहा है। क्या गडबढ घोटाला है ।
    Zerodha के हैल्पलाइन नम्बर घण्टे तक कोई response नही देता

  111. Nemish says:

    I am using TOTP & have 1 query.
    While logging in to kite on mobile, TOTP was asked only once. On a daily basis, the app doesn’t prompt for TOTP & directly logs me in with fingerprint authentication.
    But while logging thro PC, TOTP is asked for everytime i login.
    Just want to confirm above whether it is ok?
    Tnx & rgds

  112. Pradeep Kumar says:

    I was not receiving the OTP mail on my linked email. I raised a ticket but still no response. Have 4 days delay to enable totp means a lot to traders. Fingerprint on mobile App shud hv bypassed this authentication thru webpage.
    It’s a waste of time/missing trade when it’s needed. Already Nudge have been alerting the users.

    I understand ur point of security but this totp is not making sense to me. Please ensure New features enables speed and ease the application use but not trouble the users.
    Thank you,
    Pradeep Kumar.

  113. SB says:

    I dont use Smart phone , Only kite web , whats the way to setup TOTP in such case ?
    Please let me know the process

  114. Roy says:

    I’ve enabled TOTP and used it to login to kite. But the nudge alert still says, “Intraday trades are not allowed.” because it is an illiquid security. Now that the phishing scam would not be possible since we login using TOTP, I don’t understand why intraday trades are still not allowed?

    • Matti says:

      Intraday trades are still not allowed in these stocks because the risk is still significant. Most of these stocks have been restricted from intraday trading by the exchanges themselves TOTP is required only if you wish to buy these stocks for long-term investments while aware of the risks.

  115. Srinivasa babu Somepalli says:

    What is this yaaar…
    Always compelling clients to follow very criticsl mandatory procedures… very lenghty & headache..itroduce simple methods yaar…

  116. Sumit says:

    i am approved but its show order fail ???

  117. Sameer says:

    Bunch of nonsense.
    Recently I raised this issue with Zerodha how their system stopped me from buying a 3 rupee stock by telling me its for my safety.
    Clearly they woke up and came with this thing which is as nasty as the previous of blocking trades of clients.

  118. ASHOK KUMAR GUPTA says:

    sir, my TOPT option is not activated. as per your procedure , i have follow but 6 digit number is not acceptable .
    message show ” invalid TOPT”.
    Please help me sir.

  119. James B says:

    There are several reasons why TOTP on mobile is not always feasible:

    1. Mobile may have run out of charge.
    2. I may be in a location where the connection is not good.
    3. My mobile maybe in a different location.

    Please give user the option to receive TOTP on mobile OR email ID, after 1-step verification is complete at login.


    • Matti says:

      That is not how TOTP works. TOTP is designed to be bound to one hardware device, i.e., your mobile phone. This ensures that only the user is logging in.

  120. Vijeesh says:

    Instead of totp can i still use the mail option?

  121. Vijaya Krishna says:

    Hi Zerodha Team,

    Your intentions are good, however, I see the following issue with this approach.

    The authentication is made completely dependent on mobile. What if mobile goes down for some reason after someone initiating the positions? Is there any way to login to kite web without the mobile to take care of the positions?

    The resolution can be to make the authentication of TOTP optional. If someone used it to login then do not restrict them to take the positions in illiquid stocks. If someone used PIN and trying to take positions in illiquid stocks, then ask the TOTP only once per that login session.

  122. Aparna Majhi says:

    Thanks a lot to Team Zerodha. The Zerodha is not only a Brocker but a safe guard of its Client also. This the cause of rapid increase of the Client of Zerodha. Zerodha has build the faith: “Zerodha never cheats and does not allow any client to be cheated.” Go ahead my beloved Zerodha. Go ahead Zerodha.

  123. Rahul says:

    There is no option to scan the bar code using my own phone so use some other phone using Google authenticator. And there is no option to disable two factor authentication .I m not able to login now becoz that mobile was some other person now how do I login

  124. Anil Chauhan says:

    I have two doubt in my mind that I have expected to clear from you are as below.
    1).without TOTP can we buy iliquid stock for trading or if it will allowed but when selling it is necessary to have TOTP thing.
    2).without TOTP can we buy liquide stock for trading.
    3)According to you Nifty 50 list of the Script is Liquid or not.can we trade on same without TOTP.

    • Matti says:

      1 &2) you need TOTP to buy risky stocks.
      3) Nifty options of the current and next month are considered liquid. If any contract is not considered liquid, we’ll show you a warning on the order window.

  125. Rupa k says:

    Instead of forcing a new thing, better to make it optional, a choice whichever a trader like, can choose. Like Tradingview charts or chartIQ. Give users a choice between 2FA authentication or PIN or TOTP, or any two or three.

  126. Sandeep Bhagwanji Gangani says:

    Richer motor is a peeny stock in past can u want to ristrct the same for not being your client to get rich.i think time to change broker else change the system.insted do one thing not allowed to loving via link, made compalsory use site typing name in sequre browser like https.

    In past I have stock named alok inds which get at 15 RS in 2008 and want to average at 2 but zerodha reject the order and same stock allowed when it comes to 100.what the benifite of account in zerodha.

    • Matti says:

      We are not restricting you from buying! We just want to make sure that it is indeed you and not a scammer taking the trade, so you just need to enable an extra layer of security!

  127. Sandeep Bhagwanji Gangani says:

    I have two accounts one myself and another of my wife both have logged one by one from my mobile only because wife has no authentication has to done from one Google authinticator pls sujest for these both account.

  128. Nagarjuna Reddy N says:

    The idea is good. but customers are dissatisfied due to OTP not received on time.
    Today i have reset the TOTP pin but i am trying to login mobile or web not receiving any otp.

    I would request you please share process to unlock or delete the PIN.

    Nagarjuna Reddy N

  129. Atul says:

    Zerodha being the worst broker!

  130. SIJI K says:

    Something thoughtful to protect the investors !!

    BTW, when are you coming up with multiple holdings in kite to aid in segregating LT and ST investments.

  131. Ashok Kumar says:

    Where I find list of this type stock.
    So aware to not trade in this type stock

  132. Arun says:


    While this is a good step to protect the customer, the challenge as it remains is also around Zerodha not letting customers buy Far OTM weekly options. This prevents the customer from hedging long term options that customer has sold. Is there a plan to enable the customer to be able to buy weekly far OTM options for hedging exixting long term position.


    Does this mean that if we don’t trade in risky illiquid stock, we don’t need to generate TOTP? Or is it compulsory to create TOTP by any means?

  134. SKtyagi says:

    Dear Matti,
    I have a few suggestions if you like to implement:

    1. Instead of forcing a new thing, better to make it optional, a choice whichever a trader like, can choose. Like Tradingview charts or chartIQ. Give users a choice between 2FA authentication or PIN or TOTP, or any two or three.

    2. The price change can be viewed as in percentage or absolute terms, why not both?? Some traders may have fullHD or UHD/4k display. Let them see more info on the screen. Small change is required, checkbox instead of radial button.

    3. Give option to save charts layout, and option to display more than 4 charts.

    4. Either give full access to tradingview charts, or implement more features from there to chartIQ.

    5. Only 2 ticker prices r shown on top, give option for more, who have more space.

    Enough for now.

    • SIJI K says:

      Zerodha is like a low cost carrier, so it is a sin to expect basic things from them. Very basic things or bugs like missing sorting on certain columns have been notified to them, but they say its not priority for them. There are lots of basic features that are missing.

  135. Tarun Gupta says:

    I setup TOTP using Google Authenticator but since then I am unable to login to my account.
    Do we need to update the Zerodha Kite as well because it is still asking me to enter PIN.
    I can’t see the screen that you have shown in the last step in this article for setting up TOTP.
    Please help me out ASAP.
    It’s very urgent

  136. Vijaya Krishna says:

    Is it possible to disable TOTP and get back to regular PIN based authentication once I enable TOTP?

    Suppose some day I want to buy some illiquid stocks (not on regular basis), that day I use TOTP and other days I disable TOTP and use regular PIN. Is it possible?

  137. Sharma ji ka Beta says:

    Suppose I enable TOTP once, can I disable it if I do not need to trade in illiquid scrips ?

  138. SD says:

    @Nithin/ Matti,
    What Nonsense! Why are you deleting our comments raising valid points.
    Why initiate such action if you can not justify it?
    My point is very simple. Why you (Zerodha) are exposing your clients login credentials to a third party server/app. You must take responsibility for any eventual loss due to this.
    If you say no you are not doing, then you must accept that you are restricting and imposing on client what should the buy and what not. It is either or as simple as that.
    Many does not know how a third party app is dangerous for financial transactions. Use simple sms OTP instead of that.
    If you delete again then I have to forward my view to exchange and sebi with a copy to you. Don’t restrict trade for clients who do not want this.

    • Prem_Nath says:


      They want a control over market.

      they are acting like ” Daddy knows the best.”

      there is no such guideline from SEBI , that Investor require a permission from his broker to trade/invest on particular script.

    • SIJI K says:

      @SD, Please read up on Oauth. Nothing is being compromised by Zerodha here. They are doing it for your safety only. Perhaps you should read the article carefully.

      One suggestion for Zerodha – Better create a video or host a webinar. Things get much more clear in video than an article.

  139. Gajala parween says:

    Thanks zerodha time to time gird

  140. HK Thakur says:

    Was going to open a demat with zerodha.

    after reading this article and response from Zerodha….. called UPSTOX.

    Just for your Team “Risk is not knowing what you are doing”

    you might be knowing who said so.

  141. Ravi teja says:

    Because of your restrictions I lost chance to invest in alchem script at 2 rupees.
    Your jog is to facilitate the trading. Not to choose.. It’s better you stick to your job and improve your platform to handle market volatilees rather than this sitty setup to buy scripts

    • Srikant says:

      Absolutely, I too missed such an opportunity lately.
      This is such a non-sense move, why can’t we have everything right with at least one broker!

  142. Sanjay says:

    I don’t know that why Zerotha always created tuf for selling share some time created pin some time created cds pin and then created new funda always

    I don’t see that any fraunding other brokers because simple step flow login id if u sell and buy no other pin only login apps many time I am enter different time of pin share price down with in time and I loss money many time .why are u fear every person

  143. Rajashekhar.A.Hosamani says:

    If our mobile is lost the robber will get access to our account easily with this TOTP authenticator app he will get both key & the lock .

  144. Elwin says:

    I appreciate TOTP but a feature phone user like me , will have to buy a Smartphone to trade now in illiquid stocks for which I will have to shell out close to 10K.Can you Suggest any other option than this.

  145. L. Jagadeesh says:

    I need help to generate TPIN. I am not getting TPIN please give information as soon as possible

  146. Rajashekhar.A.Hosamani says:

    If phising is occurred only the carelss client losses the money not carefull trader,this TOTP is hassleful specially for mobile users it will be good if TOTP is cancelled.

  147. SKtyagi says:

    Dear team Zerodha,
    Warning message thats popup is more than enough.
    This Totp concept is complicated, and not required.

    Also for authentication your earlier 2 step questions were far better n secure than later on PIN one.

    Pls don’t make things complicated, I’m not going to install any extra APP and like to better close my account.
    Thanks for being with you from last 8 years.

    Once again thanks

    • Ranjeet says:


      Better to change the broker.

    • Matti says:

      If a scammer has access to your account, then he or she will ignore the warning altogether. The warning is for you, the TOTP requirement is to prevent scammers from committing fraud. The earlier 2FA with random questions was again an insecure method of logging in and was changed because of that very reason!

      • SKtyagi says:

        Dear Matti,
        If a scammer has access to my account??? if he can access my mobile after all its running various s/w and prune to be compromised.

        With totp what u want to achieve, secure authentication or prevention in trading illiquid stocks.


      • Rajeet says:

        If a scammer gets into client account , He/She can make transaction to any other script “which you have not declared illiquid by you wisdom”.

        And you think people will not lose money there.


  148. ROHIT SHARMA says:

    I have idea shares in bulk. Idea comes under illiquid stock.

  149. Shravan says:

    what if , I lost my phone or it is not working.
    In this case what is the alternative to login after I setup TOTP to Close my Open trade or Take new position.

    • Matti says:

      Closing an open position has no restrictions. As for losing your phone, you can click on forgot password and reset password and PIN so you can login without TOTP. You will still need to set up TOTP again to trade risky stocks.

  150. Vivek says:

    I only trade nifty and banknifty options…will far OTM options of these be also be affected?

    • Firdous says:

      Far OTM is already blocked by Zerodha 😂😑

    • Matti says:

      Ah, this restriction isn’t due to liquidity, but due to exchange OI limits. There is a way around this though. Please fill this form and we’ll have someone contact you to help.

      • Vivek says:

        So am I right in assuming the contents in this specific blog post isn’t applicable as far as trades in nifty and banknifty is concerned?

  151. Atul says:

    Can you give list of “illiquid risky” stock / contract names ?
    What if I don’t have mobile ? & wish to trade in “illiquid risky” stock
    On 8th Jun 2020 morning market opening time around 9:18, order was not getting accepting by zerodha
    Error Server Not Ready
    Better you work on server rather creating some complex system

  152. Sharat C Sahu says:

    Totally unnecessary and uncalled for procedure.

    It seems you want to micromanage your clients and obviously think they are fools.

    You had no business in blocking your client’s legitimate trades and then you expect him go through this tedious and unnecessary process.

    Just leave it to your client’s judgement to handle his money.

  153. Prem_Nath says:

    Don’t act like daddy knows the Best.

  154. Singh says:

    not found Clint id

  155. Bhargav says:

    Put a like and dislike option under the post so people can vote their decisions. And also put like section in comments so more reasonable comments will be appear on the top. Because everyone not wants to comment so they give their opinion by just like or dislike. (eg. YouTube)

  156. Rahul says:

    Does this mean that Zerodha user data has been compromised? How do these scammers get hold of Zerodha users phone, email etc?

    • Matti says:

      No. Our user data is quite secure. However, that doesn’t mean that scammers can’t get access to your email ID or mobile number from other sources. Explained here and here.

  157. Manoj says:

    It is good and length process for some
    Client s who can’t go with all these process , so think about everytime by completing all the process the trade price and entry price we can miss ???????????

  158. Subhendu says:

    If I lost my phone how I will again do authentication with my new phone?


  159. Karthikeyan Sivakumar says:

    Can you please confirm if there will be fallback options to login when we lose our mobile or Authenticator App is uninstalled? Means using the Passcode rather than TOTP in certain cases?

    • Matti says:

      You can click on forgot password. This will unlink the authenticator and you can set new password and PIN and login. After logging in, you will need to set up TOTP again to trade these risky contracts.

  160. vishal says:

    Once TOTP is set, is it possible to login with password if a user loses mobile?

    • Matti says:

      You can click on forgot password. This will unlink the authenticator and you can set new password and PIN and login. After logging in, you will need to set up TOTP again to trade these risky contracts.

  161. Raj kumar says:

    Please provide tpin

  162. Gs banga says:

    Right said

  163. ROHIT SHARMA says:

    What is Zerodha definition of illiquid stocks (or penny stocks). Do stocks like Idea, Alok Industries, come under illiquid stocks?

  164. Mohammad Dularay says:

    Its Done,

    Thanks Zerodha for care our safety & security.

  165. lakshminadharao says:

    sir , i had purchased wheels india ltd with CNC mode, but you allowed me to buy when i tried to sell you did not allow me to sell the stock saying illiquid stocks with banner appearing on the screen with black in colour. here my point is if your banner shows it is illiquid stock not allow to sell on same day or btst , we can not take buy. without knowing it we are buying , not only this there no of stocks are like that. it is convenient if we know that stocks are illiquid we donot buy them. please rectify this problme.

  166. Srikant says:

    Anyway some relief though.
    But, I don’t see the logic behind, a trader who is willing to trade in illiquid stocks will anyway end up doing so, so what’s the point of additional barrier?
    It would be easy to just give a warning message popup while trading such scripts with an additional checkbox saying “I agree the risk involved”(if at all), that shall do right?

  167. Sanjoy says:

    Can you please warn us while adding a so called ‘illiquid’ (by your definition) stock/counters in the market watchlist. And only on confirmation, users should be able to add that in their watchlist. If you could also have a differet colour to mark such counters that would be really useful.

    Thanks in advance.

    • Matti says:

      We warn the user while placing orders. Warning while adding to market watch would be tricky. Will look into the possibility.

  168. Monis says:

    This is the first time Zerodha is making major mistake in my opinion. It is the duty of stock exchanges to decide which scrips to allow or not for trading n it is not the responsibility of the broker to make judgement based on only market cap or whatsoever criteria he may have in his mind.

    This can not n will not save everybody. Have you seen rate of Rcom from 800 to 2, rel infre, r cap, cox from 300 to 2. Will this practice save innocent investors from these carnage, which were even not related to this corona fall? On the other hand some scrips too went from below 100 cr mkt cap or even from 10 cr mkt cap to 1000 + cr market cap. Investors will miss these too, thanks to this new safety measure.

    One last example – Unitech – went from sub 50 cr market cap in 2004 to 100000 cr mkt cap n now 400 cr market cap. Is it responsibility of the brokers to decide when to buy certain scrips ?

    This just the illustration – No hurt feelings

    • Matti says:

      Risk management is a broker’s job too. 🙂 In any case, all you need to do is set up TOTP and login using it to trade these contracts. It’s not blocked if you do set up TOTP.

      • Ranjeet says:

        If a scammer gets into client account , He/She can make transaction to any other script “which you have not declared illiquid by your wisdom”.

        And you think people will not loose money there.


        • Gb says:

          Dude! Is your iq a that of a 7yr old??
          Obvi they can.. So in that case zerodha shud actually make totp compulsoty for all logins(atleast web based logins cos app bases logins have fingerprint or faceid)
          2 step verification, totps are the norm for most secure transactions… Even whahtsapp and gmail recommend 2 step authentication.

          And this is neither moral policing nor zerodha trying to restrict our freedom!

  169. Balram Jat says:

    I truly appreciate with Zerodha new authentication way because in this digital world security is the primary need.
    Not everyone fully familiar(updated) with all the new way of online attacks/scams. So plz support it .
    Its for our benefit only.
    Good work team Zerodha

  170. RAJEEV RANJAN says:

    Moral Policing is Very Dangerous in Financial Market and it’s not a professionalism? we Indian are more interested to indulge in Moral Policing rather than doing by principle.

    • Matti says:

      This isn’t moral policing. This isn’t any kind of policing. We are simply asking our users to have an additional layer of security to trade scrips that we define as risky based on our risk management practices.

      • anil says:

        are they putting zerodha’s money on risk or their own money ? did you lend money to those clients who are willing to take trades in any script whether it is liquiide or illiquide let them decide their decision ……this is financial Policing ……the biggest froudster of india sooner or later your bubble will burst……guy do not go for these kind of low brokarage company where you save pennies in the name of low brokarage but loose most of the time with their own rules set by them …….

        i know you will again repeat the same copy paste answer :-

        Risk management is also a broker’s job. While we do facilitate trades, we also need to look at the risk such trades bring to the table. We have not decided what you should buy or sell, by the way. Just that you need additional security set up on the account to trade some scrips!

    • RAJEEV RANJAN says:

      Being a No-1 Brokerage House might take lots of time But Downgrade will not take long time compare with your competitor. Hope You will understand .

  171. jeetesh says:

    broker job is to provide services not to interfear which one is liquidy or illiqudiy stocks…if zerodha you really care for the customers then why dont you suggest customers what to buy and what to sell for intraday/delivery….customers willing to take risk, want to buy the otm contracts, want to buy current expiry month contracts options but you gave the reason blocked due to bla bla bla….if the contract/stock is really illquidy then sebi must delist the stocks…

    • Matti says:

      Risk management is also part of the broker’s job, Jeetesh. Anyway, after this update that we’ve explained in the above post, you can just set up TOTP and trade anything you want.

  172. Akshay says:


    If i enable TOTP will my GTT order be affected? (Both already entered and future GTT)

    If the price hits the stop loss then i dont want to hold on to that because TOTP wasn’t entered.

    Thanks in advance for help!

    • Matti says:

      No, GTT remains unaffected.

      • Akshay says:

        Great, thanks for quick revert.
        Also, one more query, what happens when i am not able to access my phone and change my phone?
        Will the TOTP still active on the authy app to login in a new phone and use it?

        • Matti says:

          If you lose access to your phone, you lose access to your TOTP. In such cases, just click on forgot password and reset your login. TOTP is also removed. Then use your new phone to set up TOTP again if you want to trade illiquid stocks.

          • Akshay says:

            Great. Resolves my query. great initiative by zerodha.
            And don’t wanna trade in illiquid stocks either way. Thanks.

  173. Amresh says:

    Unnecessary process … may show or notify the buyer that it’s illiquid just like in sensibul …… many process will kill the platform….not needed….Also ….if the company is bad then it should not be listed at first place ….Broker role should make the platform user-friendly which is indeed wonderful in zerodha…but i think this should be SEBI’s role not Zerodha…so i don’t like this feature at all….

    • Matti says:

      We already do that, Amresh, but if you read the above post, you will see this is to protect users from phishing attacks. This is where someone else gets access to your account. In such cases, the warning would be meaningless as the attacker is anyway intending to create a loss in your account.

  174. Swatantra Kumar says:

    This is really bad, by this means broker wants to complicate things such that we can not buy or sell penny stocks.
    Its upto us and not on broker to decide, time to change.

    • Matti says:

      You just have to set up TOTP once to be able to trade anything you want. It isn’t that complicated. We’ve explained the same thing in the post above.

      • Renu says:

        Even after setting up to to to my account, I am still unable to place buy order for illiquid stock such as MUL. Now what to do further. Pl answer.

  175. Akshat Solanki says:

    If you could provide the names of illiquid, pump & dump Stocks, that’d have also helped traders.

  176. Dilip Shaw says:

    Agreed scammers will still trade, but 100% trades are not scammers.

  177. Dilip Shaw says:

    Good work. Another idea is to pop up a small window just before a buy order, giving warning to the client that he/she is buying an illiquid stock that can be dangerous. And if they are buying on a SMS/WhatsApp/Telegram/Email tip – beware it can be fraud and there can be losses. This will desist 50% of the buyers of illiquid stocks/options.

  178. Chandra says:

    Dear Team,
    One more suggestion from me. Instead of these TOTP lengthy process, why don’t you incorporate one more button like Nudge Tool in buying/selling panel? when ever we want to buy/sell that button warns like “I am 100% agree with taking risk and I am ignoring Zerodha warnings” enything some warning like that.

    Many Inverters are not well educated. They simply like to trade if it is a user friendly platform


    • Matti says:

      If a scammer has access to your account, he will 100% click on that button and proceed with the trade. This TOTP ensures only you can do it because TOTP is bound to your phone. Check the link in the post above that explains the phishing scam. 🙂

  179. Chandra says:

    Dear Team,

    I am not very well educated. Someone helping me to send this mails also.
    This rules are really giving lot of troubles. why this lengthy process? One mail is enough. We know trading is risk. and aware about market disclaimers. We want user friendly trading system…..

    I also thinking to open new ac in other platform

    Kindly make it user friendly.
    Thanks in advance.

    • Matti says:

      The email way of allowing trading is slow and not scalable. If there are a lot of requests in a single day, you’d have to wait longer. Now, you just need to set up TOTP once and enter the OTP only when you are logging in. After that, you can trade without any additional steps.

      Also, TOTP may soon be made mandatory by the regulator for all accounts, and all brokers will have to implement this.

  180. Chandra says:

    I clicked the Enable 2Factor TOTP many times and It’s allays says server not working or error. I am using PC. Not mobile. Kindly sort this issue. My network is OK I am able to trade and open other sites also.

  181. AC Naik says:

    Hello Team,
    I am little upset and annoyed, i have already set up TOTP on my account and but still I was not able to trade on the illiquid script.

    Also, i have already taken the approval on Hathway Bhawani, but today My GTT order was failed because TOTP was not completed.However i have completed TOTP already on my account.
    Can you please check asap and let me know what is exact issue?

    • Matti says:

      If you had already emailed [email protected] to trade these scrips, you have time till Monday to set up TOTP. Until then your order would not be rejected for this reason. Looks like there’s something else that’s off. Please contact our support desk.

      • Rex says:

        “Since we’re in the business of trading where time is critical” You written this line on top of this page & you are suggesting your clients to contact to support where he will receive an answer or solution after 2 days… wow

  182. Mahesh says:

    make TOTP mandatory for all tradeable stocks, phishing attack can trouble any tradeable stocks. Rather than using third party server for TOTP, ZERODHA should use its server to generate a high security OTP & send it to clients for login. It would be easy to use by clients & authenticate.

    • Matti says:

      Mahesh, as explained in the post above, OTP delivery is not reliable all the time. What if you want to place a trade but the OTP doesn’t reach you? Hence TOTP. And it doesn’t get any more secure than a Google or Microsoft service!

      • RP says:

        What is the procedure for old Zerodha customers to revoke POA and shift to the TPIN OTP system that has been started by CDSL?

  183. manoj says:

    The broker’s job is facilitating a product buy or sell. Not to decide on what to buy or sell on client’s behalf.

    • Matti says:

      Risk management is also a broker’s job. While we do facilitate trades, we also need to look at the risk such trades bring to the table. We have not decided what you should buy or sell, by the way. Just that you need additional security set up on the account to trade some scrips!

      • Sravan says:

        why you are copy-pasting same thing everywhere?

        • Matti says:

          Because the response is the same every time people bring this up. 🙂 A broker is not only someone who facilitates trades, but also has a responsibility to manage risk.

          • Ranjeet says:

            If a scammer gets into client account , He/She can make transaction to any other script “which you have not declared illiquid by your wisdom”.

            And you think people will not loose money there.


    • Prem_Nath says:

      Now they are acting like Daddy Knows the Best.

  184. Rahul Deshmukh says:

    You are broker not a caretaker.
    Do your job only.
    You blocked script like elcidin
    Think about it
    You cannot predict market.

    • Matti says:

      Risk management is also a broker’s job. While we do facilitate trades, we also need to look at the risk such trades bring to the table. We have not decided what you should buy or sell, by the way. Just that you need additional security set up on the account to trade some scrips!

      • Preetam says:

        This is getting too complicated & irritating. If I doesnt feel that user friendly while trading then will change the broker & ll transfer my portfolio.

        • Matti says:

          This is just a one-time set up process, Preetam. After that, you just need to login using TOTP, every day and trade normally.

  185. Preetam says:

    I think zerodha is already asking for mail confirmation & showing ‘Nudge’ warning before trading such illiquid stocks. So, now its upto investor whether to invest in it or not. Why is broker deciding stocks valuation & physically restricting client’s decisions? Rather don’t display such contracts on zerodha platform. I would suggest giving warning is well enough to clever clients in terms of illiquid stocks. On restricting phishing scams, then make TOTP mandatory for all contract, phishing attack can trouble anything.

    • Matti says:

      Risk management is also a broker’s job. While we do facilitate trades, we also need to look at the risk such trades bring to the table. We have not decided what you should buy or sell, by the way. Just that you need additional security set up on the account to trade some scrips!

      • Ranjeet says:

        If a scammer gets into client account , He/She can make transaction to any other script “which you have not declared illiquid by your wisdom”.

        And you think people will not loose money there.


      • Tauqeer Ahmad says:

        How you are doing risk management while I am doing analysis from last 1 month. You are banning for trade in certain zone and it is only open when all the benefits are made by persons who have purchased it. And when you lift the ban only when there is sure loss. And you are keeping this on SEBI in the name of open interest. Now who is culprit SEBI or you ?

  186. Naveen Verma says:

    It is very time consuming and difficult for a person trading through mobile kite app.
    1)Whether sell* order of holdings of such illiquid stocks too require such huge TOTP process to be followed or just for buying order.
    2) whether modifications of order placed also requires again TOTP process to be followed?

    • Matti says:

      Naveen, you only need to have logged in using TOTP. You don’t need to enter TOTP every time you place an order.

      • Gowrishankar says:

        Mr. Matti,

        I think it is necessary to protect the interest of traders and investors from phishing frauds. There are many gullible clients who become a victim to such scams. A step in the right direction by Zerodha, all who resist the motive and reason behind this move are either ignorant or are part of the scam (investigate them… lol, just kidding)

        However, I have a question as I do not know how this works. Would we be required to scan the QR code from Kite Web in order to get the 6 digit TOTP every time we need to login to sell the illiquid shares?

        • Matti says:

          No, you only have to do the scan but once. After that you will just need to use the TOTP from your authenticator app to login every day. Again, this is not for every order, just at the time of login.

  187. Raj says:

    I call it as foolishness. A shop has A to Z items. The seller says, X,Y and Z are not for sale.
    Trading in markets is risky, but, customer is here to take risk.
    Zerodha is trying to enact the role of Angel trying to save everyone.
    The broker’s job is facilitating a product buy or sell. Not to decide on what to buy or sell on client’s behalf.

    Slowly, favouritism on specific stocks will start from Zerodha.
    Time to change the broker. I will request for DIS.
    I hope SEBI will enter and inform brokers of WHAT THEIR JOB IS?

    BTW: How will you stop small IPO subscriptions from client?

    • Naveen Verma says:

      Exactly it is risk taken by market traders itself and brokers must stop interference between us. As such we are trading with cash and not on credit in such illiquid stocks.

      • Matti says:

        Risk management is also a broker’s job. While we do facilitate trades, we also need to look at the risk such trades bring to the table. We have not decided what you should buy or sell, by the way. Just that you need additional security set up on the account to trade some scrips!

        • Amresh says:

          How will it manage any Risk …do you think any buyer will not buy because of extra password?….it would be good if you place a disclaimer while placing order …but this extra password is complicating stuff …..we already have so many passwords….already

          • Roshan Alex Mathews says:

            Sir, what Matti is saying is not to decide or make it a hurdle to buy or sell a stock, the purpose of this extra layer of security is to prevent fraud from occuring due to credential theft, barely anyone if any buy such extremely illiquid stocks so in essence it will not effect any ot even all transactions, the added layer of security will make for a small if any delay and prevent a lot of people from falling victim from fraud

            • Rex says:

              If any scammer broke the password and his wish to make loss only by investing in Penny Stock than do u think scammer will noe make loss by creating FO possition / buying Lower circuit stock ? What the explaination you are giving man.

              This is the job of SEBI not yours. Tell me anyone Broker who is restricting client to buy penny stock.

            • Amresh says:

              Sorry to say but your arguments are really not convincing anyone…….I really appreciate the Zerodha platform …. but this feature really overhead…..we already have two-level passwords over that CDSL pin and now this…… 🙁 … even banks don’t have these many layers to transact…… The world is moving towards tap and pay …… If you provide a convincing use case I would gladly adopt it ….

              • Karunakara says:

                I have lost good amount while placing order for Angel Broking yesterday. I do not understand the reason for this aditional security. As one said above, a simple warningwill do. Angel is neither low liquiidity stock not risky on as of now. Why Zerodha has prevented me from buying this stock. This looks absurd.

        • Vinayak says:

          I dont agree, If you have MFA (TOTP) why do you want a PIN also for logging in. You are complicating login process.

          • Digen says:

            The TOTP replaces the PIN. The problem with the PIN is that it is fixed, like a password. You may only change it once in a while, every 3 or 6 months etc.

            If a scammer gets hold of your ID, password and PIN, he can use them to log in and place trades in your account. If he were to get your TOTP in the above manner, it would make no difference since it changes every 30 seconds and he would not be able to log in with your old TOTP. This makes your account far more secure.

            • Karunakara says:

              Then, make it manditory for all login, instead of only risky stocks. If any one can login to my account, they can sell all my equity or buy any unwanted equity and fininsh my account. Your reply is totally useless and reasoning is very flimsy. Either you dont know the right reason or this is really such a foolish idea. Please either remove this or make it manditory for all the transactions.

          • Najath says:

            They told you can take, but the broker wanted to know about any unscrupulous hand. If any penny stock shackled around your neck, you cant get rid of this genie as there wont be any takers. Otherwise you have to copy of same scammers crooked trick. So the broker wanted to know the de facto client himself or herself is jumping to this death knell. After confirmation, you are at free.

        • MURLI says:

          If somebody has bought a penny stock on your website then you cant suddenly stop him from putting sell order because of some sms tips etc. How is he going to liquidate and get out if you block his sell order? thouse who have already purchased should be allowed to sell without totp.

    • Matti says:

      Risk management is also a broker’s job. While we do facilitate trades, we also need to look at the risk such trades bring to the table. We have not decided what you should buy or sell, by the way. Just that you need additional security set up on the account to trade some scrips!

      • sam says:

        if you guys are not deciding what to buy or sell then why are u putting these kind of barrier… in market time is most important. bdw am using my money my effort why are you acting like a warden,
        better you do your job.

        • Matti says:

          Risk management is our job! Also, there is no lost time with this. Just set up TOTP once, and use it to login. After logging in, you can trade whatever you want without any interruptions.

          • Ranjeet says:

            If a scammer gets into client account , He/She can make transaction to any other script “which you have not declared illiquid by your wisdom”.

            And you think people will not loose money there.


            • Rex says:

              100% CORRECT. JUST Give your (Matti)password and I will make u loss by not investing in Penny Stock Also.

          • Manoj Kumar says:

            Mr. Mathi,

            What if there is a issue where i cannot login using TOTP and you get only 5 attempts i have got this issue today and my day has been lost, so who is going to give back the time that i had lost and the trade that i would had done today.
            Even now i am trying to login it is not letting me to login and there is a error popping up even though i enter the correct TOTP

            Can any one from zerodha or some expert give me a solution for this

            • Matti says:

              Hey Manoj,

              1. You can click on “forgot password” and reset your account to remove TOTP and login.
              2. The only scenario where the you enter the TOTP correctly and it shows incorrect is if the clock on your phone is not correct.

      • S GUNASEKARAN says:

        It is a laudable initiative and it may be introspected if need arises.

    • pazhani says:

      zerodha make zero of the penny stock by the time of totp authentication . very disappointed for Totp… all broker are very clear to people have to lost ,.. i hate totp authenticate … please remove

      • Matti says:

        You only have to do TOTP authentication once while logging in, not while placing each order! Please read the post again.

    • yash says:

      this is the most shitiest thing to do as not able to perform trades, seriously its time to change the broker.

    • Sanmati B patil says:

      Yes on Tuesday I tried to place Reliance 22000CE jul buy order, n prm price was 0.05.. but when placing order shown some error msg n couldn’t place order.. n on Wednesday the prm price made high of 7+ n folded around 5-6 rupees.. now because of zerodha I couldn’t earn

  188. Donesh says:

    I have setup the TOTP but I am not able to place the illiquid trades.


    • Matti says:

      You have to log out and login with TOTP to place trades.

      • Srikant says:

        I logged out and logged in using TOTP.
        I still can’t execute an option outside your “enforced limit” (which is 9850 TO 10400 CE & PE for 11 Jun 2020 expiry).
        The error says the same “Strike price is outside the allowed range. Try a strike closer to the spot price.”.

        By the way, the 11000CE has ample liquidity (many brokers allow it without causing trouble to clients).

        • Matti says:

          Ah, this restriction isn’t due to liquidity, but due to exchange OI limits. There is a way around this though. Please fill this form and we’ll have someone contact you to help.

          • Srikant says:

            I filled the form and requested a time slot in the next 30 mins (hope someone responds).

            By the way, I can place the same weekly 11000CE with the other broker, there isn’t any trouble by exchange OI limits for them!

            Why Zerodha do this?
            I hate to use the crappy interface of other brokers, but nevertheless they do one basic thing right, they provide the client the freedom to exercise any exchange-listed script.

            For instance, tomorrow’s weekly expiry only 550 point bandwidth is allowed with Zerodha (9840-10400) on Nifty, do you want us to design our strategies based on your daily changing ranges?

            Stopping phishing attacks by disabling the scripts altogether! This doesn’t even sound logical, and enforcing on the client who pays you, not a fair deal, not according to me!

          • Srikant says:

            There wasn’t any call from your side. Nor any acknowledgment.

          • Dumb says:

            Are you all seriously filling a random form and providing your client ID and phone number? That’s so effin irresponsible. And then people crib when they get scammed…

            • Matti says:

              The form is from us! I am a Zerodha rep and have been responding on this forum for a while now! While I get your point, wouldn’t it make sense for you to first look up what is happening BEFORE posting?

        • Karan says:

          I’ve complained about it the past. They haven’t responded

        • VIKS says:

          why , you doing this zerodha team , let your customer decide , now how i average my loss contracts …..not abkle to place order , after athenticate , lots of times , zerodha is really shit , really need to change this peace of dirt

          • aksh101 says:

            shame on you zerodha , due to your pathetic service , your customer incure losses , i cant average my trades

  189. Dp says:

    Done 👍 very easy get daily New code .. great work by Zerodha

  190. NARAYAN says:


  191. Pravin More says:

    One step forward for safety

  192. Gangadhar Barik says:

    I can’t find any client ID on the top right hand corner of the page and now to select my profile from drop down. Please help