How to enable and use SMS as Two-Factor Authentication method


SMS as Two-Factor method is a quick and easy way to carry out your authentication tasks. This article explains how to set up your mobile phone number to receive authentication codes via SMS.


How to Enroll into SMS authentication

To enroll into SMS Two-Factor Authentication, you would need to have a verified mobile phone number on record. If the verification of your phone number was not completed during the account application, you can complete it at any time by following these steps:

  • Log in to Account Management.
  • From the side menu, click on Settings and then on User Settings. Click on the configuration gear correspondent to Mobile Number. If you are using the Classic Account Management, this section can be reached from the top menu Manage Account -> Account Information -> Details -> Profile, by clicking on the link "Modify"

  • Click on VERIFY
  • Open your phone's text messages app and you will find the SMS with the Confirm Code we sent you.
    NOTE: message delivery time may vary and in some circumstances it can take few minutes.
  • Enter the Confirm Code you have received into the Confirmation Number field, then click CONTINUE.
  • If the code has been accepted, a green check mark will appear in the column SMS Verified. Click CONTINUE to finalize the procedure.
  • If your user does not have an active SLS device, it will be automatically enrolled in SMS for Two-Factor Authentication shortly afterwards.

    Back to top


How to login using SMS authentication

Once SMS has been enabled as 2-Factor Authentication method, you will be able to use it in the following way:

  • Launch the management or trading platform you wish to log in to
  • Enter your username and password in the correspondent fields and click Login
  • You will then be prompted to enter the authentication code sent to you via SMS. Please open your phone's messages app and look for the message containing the code.

  • Enter the authentication code in the Security Code field present on the login screen, and then click on Login or OK

Back to top







  1. 進入手機的設置菜單
  2. 在“手機”板塊下,選擇應用 MOVED TO... 應用管理
    Select Applications  Application Manager
  3. 向下滑動并選擇要重置的IB程序。
    Select IB apps
  4. 點擊存儲
    Select Storage
  5. 點擊刪除數據 MOVED TO... 刪除
    Clear IB app data  Confirm Delete cleared data
  6. 確認數據已刪除。
    Confirm data is cleared
  7. 點擊存儲旁的返回箭頭
    Presss back from storage
  8. 點擊權限
    Select app permissions  Enable Phone and Storage permissions
  9. 重啟手機
  10. 重新打開應用程序




  1. 進入手機的設置菜單
  2. 設備板塊下,選擇應用
    Select Apps
  3. 向下滑動并選擇要重置的IB程序。
    IB Apps
  4. 點擊刪除數據 MOVED TO... 確認
    Clear App data  Delete app data -> OK
  5. 確認數據已刪除
    Confirm Data cleared
  6. 重啟手機
  7. 重新打開應用程序



  • 知識庫文章KB2277IB Key安卓概述
  • 知識庫文章KB2748在安卓上恢復IB Key的流程







  1. 进入手机的设置菜单
  2. 在“手机”板块下,选择应用 MOVED TO... 应用管理
    Select Applications  Application Manager
  3. 向下滑动并选择要重置的IB程序。
    Select IB apps
  4. 点击存储
    Select Storage
  5. 点击删除数据 MOVED TO... 删除
    Clear IB app data  Confirm Delete cleared data
  6. 确认数据已删除。
    Confirm data is cleared
  7. 点击存储旁的返回箭头
    Presss back from storage
  8. 点击权限
    Select app permissions  Enable Phone and Storage permissions
  9. 重启手机
  10. 重新打开应用程序




  1. 进入手机的设置菜单
  2. 设备板块下,选择应用
    Select Apps
  3. 向下滑动并选择要重置的IB程序。
    IB Apps
  4. 点击删除数据 MOVED TO... 确认
    Clear App data  Delete app data -> OK
  5. 确认数据已删除
    Confirm Data cleared
  6. 重启手机
  7. 重新打开应用程序



  • 知识库文章KB2277IB Key安卓概述
  • 知识库文章KB2748在安卓上恢复IB Key的流程




• 請勿使用您個人的生日
• 請勿使用您孩子或者任何直系親屬的生日
• 請勿使用您個人或者辦公地址信息,如街道名稱、門牌號碼、郵政編碼
• 請勿使用您身份證件信息(如社保號或者身份證號碼)
• 請勿使用電話號碼
• 對於PIN碼的非數字部分,避免使用您或您的家庭成員或親屬的姓名首字母,或您所在城市的名稱或球隊的名稱
• 避免使用您本人、您的家庭成員或親屬的姓和/或名
• 我們建議在PIN碼中包含大小寫字母和數字
• 要滿足以上要求搆造一個方便記憶的PIN碼,您可以想一個句子,然后將該句子的首字母組合起來。


How to migrate the IB Key / IBKR Mobile authentication to a new smartphone


This article details the steps needed to reactivate the IB Key authentication via IBKR Mobile in the event you have lost or replaced your smartphone.



You may be able to perform the reactivation without having to contact the IB Client Services in the following cases:

A) New phone, Same phone number: You were performing the SLS (Two-Factor) authentication using the IBKR Mobile app on your old smartphone and you still use the same mobile phone number on your new device. Should this be your case, proceed directly here.

B) New phone, an Additional physical security device is active: You are currently in possession of an active physical security device (Secure Code Card, DSC+) for your user. Should this be your case, continue reading here.

C) New phone, Still in possession of old phone and old app: You were performing the SLS (Two-Factor) authentication using the old standalone IB Key app and you are still in possession of your old smartphone. Should this be your case, follow the instructions here.

In any other case, we would kindly ask you to request a temporary account access by contacting the IB Client Services (Secure Login department) on the phone number best suitable for your location, among the ones listed on



A) I was using the IBKR Mobile app on my old smartphone

Regardless whether you are still in possession of you old phone, if you were using the IBKR Mobile app, you will be always able to reactivate it on your new smartphone following the steps below
1. Install the IBKR Mobile app on your new smartphone. Should you need additional guidance for this specific task, refer to one of the below links depending on your phone's operating system:

2. Launch the IBKR app and tap the link Services on the top left corner of the screen

3. Tap Register Two-Factor
4. Tap Continue
5. Enter your username and password and tap Continue
6. An SMS containing an authentication code will be sent to your mobile phone number. Enter that authentication code in the Activation Code field and tap Activate (note that the code in the illustration below is an example value and differs from the code you will receive)
7. If the activation has been successful, you will see a confirmation screen. Tap on Done to finalize the procedure

B) I am in possession of a physical security device active for my user

Regardless whether you have possession of your old phone, you can always activate or reactivate the IBKR Mobile authentication on your new smartphone using your physical security device to validate your request. Please find the instructions by clicking one of the below links, according to your smartphone operating system:

C) I was using the IB Key app and I am still in possession of my old smartphone

If you were using the IB Key app, you will be able to activate the IBKR Mobile authentication on your new device using the old IB Key app to validate the request. You would therefore need to be still in possession of your old smartphone. Please follow the steps below:
The steps below have to be performed on your NEW smartphone
1. Install the IBKR Mobile app on your new smartphone. Should you need additional guidance for this specific task, refer to one of the below links depending on your phone's operating system:

2. Launch the IBKR app and tap the link Services on the top left corner of the screen

3. Tap Register Two-Factor
4. Tap Continue
5. Enter your username and password and tap Continue
6. If the system is able to use the seamless authentication, it will automatically send a notification to your old phone at this point, otherwise it will show you a Challenge code and a field where to enter the Challenge Response. In both cases please proceed to the next step
The step below has to be performed on your OLD smartphone
7. If you have received a IB Key notification on your old smartphone, tap on it. The IB Key will automatically open, prompting you to scan your fingerprint, use FaceID or enter your PIN code. Please provide the requested security element and jump directly at point 8
If you have not received a notification on your old smartphone, open the IB Key app. You will be requested to input the Challenge code you obtained at step 6. Enter that Challenge code and then tap Generate. Once you have provided the requested security element (Fingerprint, FaceID, PIN), you will obtain a Response String
The steps below have to be performed on your NEW smartphone
8. Go back to your new phone. In the Challenge Response field enter the Response string you obtained at step 7 and tap Continue

9. The default mobile phone number on record for your account will be already selected. If you are not able to receive text messages (SMS) on that number, you should choose a different one from the list (if applicable) or add a new one. To add a new phone, tap Add Phone Number, enter the new number1 and the correspondent Country.  Once you have selected or added the desired mobile number, tap Get Activation SMS
10. You will receive an SMS message containing an Activation Token. Enter it in the Activation Code field and tap Activate

11. According to your phone operating system and hardware capabilities, you might be prompted to provide or define the security element to be used  to secure the app (Fingerprint, Face ID2, PIN)

12. If the activation has been successful, you will see a confirmation screen. Tap on Done to finalize the procedure



  1. You must enter your phone number without your country's trunk prefix and only enter numbers without any spacing or special characters
  2. If using an iPhone X, please make sure the following conditions are met in order to use IBKR Mobile with the iPhone's Face ID technology:
    - The IBKR Mobile app on the phone is a new download from the App Store and not synced from the old phone via iTunes or iCloud backup
    - Face ID is enabled to unlock the iPhone (iPhone Unlock is switched to ON/Green in the Face ID & Passcode menu within the Settings app on your phone)



  • See KB2260 for instructions on how to install/activate/operate the IBKR Mobile app
  • See KB2748 for instructions on how to recover the IBKR Mobile app


Mobile Phone Verification during the account application


IB requires that clients verify their mobile phone in order to receive account and trade related communication directly via SMS.  Clients who fail to verify their phone will be subject to trade restrictions pending completion of this process. Verification is performed online and the steps for doing so are outlined below.
In case your account has been already opened but your mobile number has not been yet verified, please jump directly to KB2552 to complete the verification process.


Phone Verification

When completing your Interactive Brokers Account Application, you will see a blue bar at the top of the page that says "CONFIRM MOBILE NUMBER."

You can click on that bar any time during steps 1-4.   Once you do, you will see this window:

Once you have entered your full number, it will be recognized and a confirmation message is sent immediately.  Validate your phone number by entering the SMS Code received in the Confirmation Code field and click Submit.

If you are unable to do this during the application process, you can always confirm it on the Application Status page


Please consider the following as certain restrictions may apply:

  • SMS messages may be blocked if you participate in your Countries NDNC (National Do Not Call) registry.
  • Due to fraud prevention measures, virtual number providers may be blocked.
  • Some carriers may restrict the Hours of delivery for SMS messages.


Multiple 2Factor System (M2FS)


This page covers specific points on what the Multiple 2Factor System (M2-FS) is and how it functions. For general questions on the Secure Login System, please refer to KB1131.


Table of contents


What is M2-FS?

M2-FS allows any client to maintain more than one active security device at the same time. No more do you have to pick and choose whether you prefer to use a physical security device or the IBKR Mobile app as either can be used interchangeably.


Back to top 


For any clients with an active security device, any further device activation will result in both devices remaining active.

I currently use the Security Code Card / Digital Security Card+: Clients who currently use a physical security device, simply need to download and activate the IBKR Mobile app. Refer to the directions for Android and iOS for details.

I currently use the IB Key or the IBKR Mobile app: Clients who currently use the IB Key or IBKR Mobile app and qualify for the Digital Security Card+, can proceed to login to Account Management and request that device1 by following the instructions here.


1: The DSC+ is available to accounts with a balance greater than USD 500,000. If your account is below this limit we recommend the activation of the IBKR Mobile authentication, as explained here


Back to top  


Once you have both a Physical device and the IBKR Mobile app enabled, M2-FS is represented by a drop-down menu upon login. You can now choose the device you wish to authenticate with.

  1. Enter your username and password into the trading platform2 or Account Management login screen and click Login. If correct, a drop down option will allow you to Select Second Factor Device:

    TWS Login -> Select Two Factor Device

    Account Management:
    Acct Mgmt Login -> Select Second Factor Device
  2. Once you select a security device, you will now be presented with the corresponding screen for authentication. Refer to the directions for:

    - IB Key via IBKR Mobile (iOS) 
    - IB Key via IBKR Mobile (Android)
    - Security Code Card
    - Digital Security Card+
  3. If authentication succeeds, the Log-in will now automatically proceed.

    TWS Login completes after two factor authentication

    Account Management:
    Ascct Mgmt Login completes after two factor authentication



2: Requires TWS Build 966 and above.


Back to top

Withdrawal limits

The device used to authenticate your withdrawal, will dictate the withdrawal limit at that time. See details below:

Security Device
used for Withdrawal

Maximum Withdrawal
Per Day

Maximum Withdrawal
in Five Business Days

Security Code Card USD 200,000 USD 600,000
IB Key / IBKR Mobile app USD 200,000 USD 600,000
Digital Security Card3 USD 1,000,000 USD 1,500,000
Digital Security Card+ Unlimited Unlimited
Gold Device3 Unlimited Unlimited
Platinum Device3 Unlimited Unlimited

3: Represents a legacy device that is no longer issued.


For example if you have both the IBKR Mobile app and the Digital Security Card+ enabled and need to withdrawal more than USD 200,000, you can use either device to login to Account Management but will be required to use the Digital Security Card+ to confirm your withdrawal request.


Back to top


M2-FS provides even more flexibility to IB's Secure Login System by allowing you to choose what security device you want to authenticate with. In addition to the convenience of using a device which is trusted and routinely accessible, you can eliminate delays associated with authenticating at times a trade needs to be entered quickly.


Back to top 

IBKR Mobile Authentication as a 2-Factor Solution


At IB, we are committed to protecting your account through the use of 2-Factor log in protection. With 2-factor protection, account access is provided through use of "Something you Know" (i.e. entry of user name and password combination) along with "Something you Have" (i.e., a tool which generates a random code to be entered after the user name and password).  This 2-Factor protection is intended to mitigate the risk of online hackers (who've acquired your password via malware or social engineering) accessing your account.

While IB offers multiple 2-Factor options, IBKR Mobile Authentication is generally viewed as the most convenient to access and operate. Outlined below are some of the convenience factors offered by this app.


1. Always Available: 
Your smartphone is always with you, as well as your tool to grant you secure access to your IB account

2. Convenient:
No additional devices to carry, track and watch out for. In the event of loss or change of phone, the IB Client Services can assist you to get the app back up and running at a moment’s notice.

3. Quick Activation:
A couple of minutes within the download of the app, you can already use it to authenticate into your account.

4. No Shipping, Delivery or Return:
No delivery delays, no return of devices with depleted batteries. A quick download suffices.

5. Secure, but quick and No-Hassle Login with our Seamless Authentication:
When logging into the Trading Platforms or the Account Management, you only need to enter your username and password - IBKR will send you a notification and you will use the IB Key protocol to complete the authentication, via fingerprint or PIN, depending on yoru configuraiton.

6. Allows for multiple users to authenticate with the same app:
If you have one security device for your personal IB account, one for your joint account with your spouse and one for your business account you will be happy to know that you can activate the same app for all those users (and more).

7. Available for every smartphone, everywhere:
IBKR Mobile can be downloaded from the Apple App Store if you have an iPhone. Android phone users can get the app as usual from the Google Play store. Clients in China can obtain the application on both Baidu and the stores.

8. Works even Offline:
Should your phone be offline (like when on vacation or with a bad reception), you can still use IBKR Mobile Authentication. Even though Seamless Authentication won't be accessible, the application can generate the codes you need to access your account and trade.

9. Secure delivery for your Password Reset:
With IBKR Mobile installed and the  IB Key authentication activated, you can have the IB Client Services send you a temporary password to your phone in a secure way without exposing it through text messages and other means of communication. More services for interaction with

10. Small footprint:
IBKR Mobile can be downloaded even on the most restrictive data plans and be installed on your smartphone without hogging resources. The application size and its operational use of resources are limited to the absolute minimum, while not compromising on its security.


For a general overview of IBKR Mobile Authentication including installation, activation and operation, please see KB2260.





  • 登錄賬戶管理。
  • 在側邊欄菜單中,依次點擊設置用戶設置。點擊手機號碼對應的配置齒輪圖標。如您使用的是傳統賬戶管理,您可通過管理賬戶 -> 賬戶信息 -> 詳情 -> 個人信息菜單,點擊“修改”鏈接找到該板塊。

  • 點擊驗證
  • 打開您手機的短信應用,您將看到我們發送給您的帶有確認碼的短信。
  • 確認號碼區域輸入您收到的確認碼,然后點擊繼續。
  • 如該確認碼被接受,則“短信已驗證”欄目下會出現一個綠色的勾。點擊繼續完成操作。
  • 如您的用戶沒有活躍的SLS設備,該用戶將很快自動被納入短信雙因素驗證項目。有關如何通過短信完成登錄驗證的說明,請見KB3196





  • 登录账户管理。
  • 在侧边栏菜单中,依次点击设置用户设置。点击手机号码对应的配置齿轮图标。如您使用的是传统账户管理,您可通过管理账户 -> 账户信息 -> 详情 -> 个人信息菜单,点击“修改”链接找到该板块。

  • 点击验证
  • 打开您手机的短信应用,您将看到我们发送给您的带有确认码的短信。
  • 确认号码区域输入您收到的确认码,然后点击继续。
  • 如该确认码被接受,则“短信已验证”栏目下会出现一个绿色的勾。点击继续完成操作。
  • 如您的用户没有活跃的SLS设备,该用户将很快自动被纳入短信双因素验证项目。有关如何通过短信完成登录验证的说明,请见KB3196
Syndicate content