Google authenticator for zerodha -
Looking for:
- How to enable TOTP in Zerodha - TechStory |
Google authenticator for zerodha
Mandatory TOTP for all Kite Connect apps - Kite Connect developer forum.
Just enable the two-factor authentication in your account settings for your provider, scan the QR code provided and you're good to go! Cloud Sync Premium Never lose your codes again! This keeps you in total control of your data while providing effective cloud backup.
Using the Cloud History feature, you can easily restore recently changed data with ease. Browser Extension Premium 2FA on the desktop is now easier than ever before!
With a single tap, push your 2FA codes to your desktop browser. No need to manually type in the codes again. Dark theme Do you love the dark mode? We sure do! Easily change between the light and dark mode in the app and widget. More power to you. Organise via Labels With the inbuilt labels, you can easily group and manage a large number of accounts.
The inbuilt search feature helps to find any account in seconds. You can export your data from one platform, and simply import it on the other. Multi-device usage This 2FA app empowers you to create both cloud backups via Cloud Sync and offline backups.
This is highly useful in cases where you use 2 devices or need to switch your phone. If some service does not work for you, please contact our support. Multiple language support Experience the app in a more intuitive way by using it in your language. The app comes with the support of 7 popular supported languages.
Don't see your language in the app? If time permits I will write a post on how to do it, but as all of us are devs here, just check below pointers. QR holds a key you can copy that by clicking link below it. Use that key and system time to generate TOTP. Just supply the key you got from step 2. So its not so difficult to automate login. Thanks amit0. I am talking about before 1st October. May be helpful for python developers It only changes whenever you change your 2FA app or re-register.
I did see your comment that a lot of things happen before you can flush it I'm assuming including calculating funds in the account. However, I assume the token is only accessible by the user and not by Zerodha - so flushing really shouldn't have an impact on your systems.
Maybe internally you can hash the previous token and continue your processes, but flush the user token so we can generate a new one earlier? In short I'm proposing a new internal token you use for whatever processes you have which require it I don't know why it should be used - but whatever the reasons it solves your purpose and the user token can be flushed.
Can you please share the steps in kite connect for this. What is the secret key here? What need to passed under KiteInstance. AccessToken; KiteInstance. Matti Its strange to see that these rules don't apply to kite mobile app? Care to explain the rationale? I understand that order placement will be rejected b.
But please confirm that other read-only api's like ltp, quote will still work. Just a question out of curiosity. The use of TOTP to safeguard against suspicious trades was a helpful feature.
With this change there is no protection against such trades. Developers will always find a way around it one way already discussed here. Trying to stop them from fully automating stuff is everyone's waste of time and resources.
Otherwise It will be difficult to find the right code for this. I understand that order placement will be rejected Yes, all order placement-related calls will be throwing Yes, this will work as before. Yes, we will update the login flow documentation , before going live i. I would like to see the documentation updated for.
Net API client. Zerodha should first update the documentation then announcement should be made. Please postpone the date. Provide some time to user to update the code. Functionally, the APIs remain unchanged. Thanks Matti. Sorry for the confusion. I am able to login without any code changes after enabled TOTP option in kite web.
Guhan September I am using it and it is working perfectly well using selenium. Trust me it's as seamless as without, with the added peace of having another layer of security. I have the Authy app on 2 devices for token generation, just in case. Congrats to Zerodha team for implementing this well. JeetKumar October Hi, Consider this please. I am an "almost blind" person, and I got my API system developed because I was having major problems using kite apps and website to place order.
Its an issue with every broker in India. The apps and websites are difficult to use by blind or almost blind people. Everything was ok with API, I could trade using my own "simpler" platform, built specifically for me. Everything works with my screen reader on my simpler platform, no problems. Now you are implementing this 2FA system, which requires me to use a third party app on smart phones to get a code daily, and use that code to login within 30 seconds.
Is that right? It will take me over a minute to even open the app, let alone read the code using accessibility technology of the phone By that time, the login flow has expired, am I right? So I need to find someone everyday who can help me login to zerodha, "daily" Why is India so inconsiderate and insensitive towards blind people?
SEBI has no idea that even blind people are trading? I am sincerely asking and requesting, please keep this optional. Please do not make it manditory.
Anyone who requires higher security, they can opt for the system, or else, let the user be responsible for their API and account security.
You can update your terms of use and make us accept the terms, and let the user be responsible for the security. No need for you to take the responsibility and implement password layer over layer over layer over layer in the name of security.
I will happily take the responsibility of securing my API and account, no problem. Can you please give me a direct line of communication with SEBI? I will take up this issue with them as well. If I give you a written complaint as zerodha user, can you forward it to SEBI, asking them to consider? It will have more impact on SEBI if the request goes through you, instead of me as individual Its really sad to see how insensitive decision makers are in India, specially when it comes to accessibility ZERO idea of our problems.
Totally zero. Again, sincerely asking, please please reconsider this decision. It will make things a lot lot difficult for people like me. Please reconsider this. Honest, it will make so much problem for people like me You have no idea Can someone be kind enough to give me details on how to setup this "google authenticator" app on my android phone, and then how to connect it to zerodha Matti October Hi JeetKumar We understand the situation and can sympathise with your plight.
However, we can't make an exception to complying with SEBI rules. Matti That's the whole point. If SEBI is the dictator, then as service providers you must make them aware of situations of your customers, people like me.
I am sure that I am not the only blind person in your client list. There must be many more. But you are giving me a straight "NO" as answer But also give disabled people an alternative. Where is that alternative? Its not there because you are not willing to tell SEBI that an alternative is "needed" and a "must needed".
Do you see my point now? Every website in USA like countries is supposed to have an alternate system for disabled people, so that "functionality" is accessible to "everyone". But here, you are directly saying, "NO". And that too in the core login process LAWS are not coming down from sky. We are making them. We can change them too But there has to be a will to make the change in the law Simply refusing is not the answer to the problem JeetKumar Sir, you are talking about removing this 2 fa.
Sebi implemented stupid margin rules,no broker said anything. How do you expect anyone will say anything against 2 fa! Better, just learn to adapt. Use the tools i told you. You can still automate the login process. Matti i enable 2fa in zerodha mobile app, and also re-login through 2fa, but there is no option in zerodha kite developer page to login through 2fa, i demanded only ID and PW, is it normal, do i have to login in developer kite connect page to execute orders through algo and api, or just once a day login in mobile app through 2fa is enought to execute orders?
Recently, many fraudsters set up fake websites that mimic the look and feel of the login pages of the trading platforms offered by many large stock brokers. These websites were then sent to unsuspecting investors through various means of communication, such as text messages, e-mails, and social media posts with contact data stolen from a variety of sources. Unsuspecting investors then happened to click on these fake links where they entered their login credentials, such as their username, password, PIN, and other private information.
This would generate a loss on the compromised account. There are also many cases where scammy penny stocks are bought in customer accounts at a high price, and these were shares that cannot be sold on the market as there would be no buyers.
As a temporary fix, Zerodha, an Indian financial services company, had blocked trading by default in all illiquid risky contracts, such as stocks and options.
Comments
Post a Comment