对于加入安全登录系统的客户，如果其安全设备找不到、遗失或损坏，IBKR会提供临时密码。客户可在2天内使用此临时密码访问客户端和交易平台。2天后，临时密码便不再能用于访问交易平台，但仍可在8天内供客户访问客户端。但客户端的访问权限仅限于打印或保存在线安全代码卡。

而在线安全代码卡则有21天有效期，可以让账户持有人有时间找出设备，或者如果是设备遗失或损坏导致需要更换也可在收到更换设备前继续访问账户。没有实物安全设备又无法使用临时密码或在线安全代码卡登录的账户持有人要访问账户需联系客户服务（ibkr.com/support）。

恢复账户永久性访问的最快办法是安装并激活采用IB Key的移动IBKR程序。有关此智能手机程序激活的详细信息，请参见此处。

重要通知

根据政策，IBKR将不再为账户连续提供临时密码，而是会通过实物安全设备将账户保护提高至最安全等级。

参考链接

• KB70：请求临时密码的说明
• KB1131：安全登录系统概述
• KB2636：安全设备相关信息与程序
• KB2481：在两个或以上使用者之间共享安全登录设备的说明
• KB2545：退出后再参加安全登录系统的说明
• KB975：如何将安全设备退还给IBKR
• KB2260：通过移动IBKR激活IB Key验证的说明
• KB2895：多重双因素验证系统（M2FS）
• KB1861： 安全设备更换费用

Table of Contents

1. Monitor your account
2. Maintain Accurate Account Information
3. Employ Safe Computing Practices
4. Protect your Data
5. Handle with caution pop-ups, unknown emails, and links
6. Handle passwords securely
7. Mandatory Secure Login System (SLS)
8. IP Restrictions 

1. Monitor your account

• Regularly check your account balances and positions through TWS and the daily statements available in Client Portal.
• Immediately report anything suspicious by contacting Client Services through any real-time method (Live Chat or Phone Call) listed under ibkr.com/support .

2. Maintain Accurate Account Information

• In the event that we detect unusual or suspicious activity, being able to contact you is essential.
• Accordingly, you should always ensure that the contact information you have provided (e.g. telephone numbers, email address) is always accurate.
  • To update your contact information, log in to our Client Portal. From the main menu, select Settings > User Settings and go to the Communication panel.

3. Employ Safe Computing Practices

• Lock your computer if you're leaving it for a period of time by setting up a password protected screensaver. Always turn off your computer when you have finished using it. This recommendation is imperative for mobile computers and highly recommended for shared machines.
• Avoid accessing your brokerage account from public computers. Some of those may have been targeted by hackers and have a keystroke-capture software. If you must use a public computer, remember the following:
  • Use the virtual keyboard on the login window to avoid having your keystrokes captured.
  • Log out after accessing your account.
  • Never leave the computer unattended while logged in.
  • Clear the browser cache after logoff so that no sensitive information remains stored on the computer.
• Regularly check for security updates and patches for your operating system and use the most current version of your browser.
• Create separate profiles (user/password protected) if your computer is shared with a third party.

4. Protect your Data

• Do NOT share personally identifiable information like your SSN, Credit Card number when answering an unsolicited email, phone call, text message, or instant message. In case of a doubt, ask for a name and a callback number, as well as an internal reference number for the communication.
• Do not share files unless it's absolutely necessary. It's a smart idea to disable the file and printer sharing features, but if you decide to use these, make sure that you configure the access permissions with strong passwords, and only share for specific users.
• Consider the encryption of your email communication:
  • It's important since it protects you from a data breach, and from the hacker to read your messages (the hacker won't have access to the information).
  • Either configure your email settings to encrypt your messages, or use an end-to-end encrypted email service (e.g. ProtonMail).

5. Handle with caution pop-ups, unknown emails, and links

• Beware of phishing - phishers try to trick you into clicking on a link that may result in a security breach. Make sure that for sensitive information and login, you mouse over links and/or verify the website's address in your browser's address bar.
• We recommend that you use a pop-up blocker (sometimes integrated in your browser) and set its security filter to the highest possible level. Then either add the IBKR website to your list of "trusted" sites, or disable your pop-up blocker while using our website.
• Use email safely, and delete without opening messages that don't originate from a trusted source as they may contain harmful attachments or links, or may be an attempt to fraudulently obtain sensitive information. Turn off the "preview pane" in your email system as this function can allow some viruses to be executed even if you never open the email. Make sure that you add to your address book the IBKR email addresses.

6. Handle passwords securely

• Use the maximum characters available and avoid simple or duplicate alphabetic and numeric sequences or passwords containing personal information.
• Do NOT share your password with anyone.
• Change your password frequently and do not use the same password for multiple systems.
• Do not leave notes on your monitor, keyboard, desk or drawer to help you remember your passwords.
• Use a password manager to store your passwords. This software will not only allow you to generate complex passwords, but as well to store them securely.

7. Mandatory Secure Login System (SLS)

• The Secure Login System provides an extra layer of security to your IBKR account at no charge through the use of a free physical security device or IBKR Mobile Authentication. The enrollment in our SLS program is mandatory.
• IBKR offers the following solutions:
  • SMS (automatic enrollment at account opening).
  • IB Key Authentication via IBKR Mobile (available to all our clients - requires a smartphone).
  • Digital Security Card + (available to accounts with a balance greater than 500K USD).
• We support multi-2FA, meaning whenever possible, we recommend users who have an active DSC+ to also activate IB Key on their smartphone.
• Click here for an Overview of our SLS Program (KB 1131)
• Click here for an details on IBKR Mobile Authentication (KB 2260)

8. IP Restrictions

• To prevent the login to your IBKR account from an unauthorized computer, enable IP Restrictions via the Client Portal.
• With IP Restrictions active, login to your account on any of our platforms (Client Portal, TWS and IBKR Mobile) will only be permitted if the device you are using is connected to the IP address(es) you've previously designated.
• Click here for further instructions on IP Restrictions

Requirements:

• The IBKR Mobile app must be installed and IBKR Mobile Authentication (IB Key) already activated on this iOS device.
• For more information on the installation and activation on iOS devices, please refer to KB2278.

Instructions:

1. On your iOS device, open the IBKR Mobile app.

     1.a. If the app opens with the login screen (Figure 1), tap on Services on the top-left corner (red arrow) and proceed with step 2. 

     1.b. If the app opens with your Home Page, Portfolio, Watchlists, or similar, tap on More on the bottom-right corner (Figure 2). Then tap on Two-Factor Authentication (Figure 3), followed by Add User (Figure 4) and proceed with step 3.

Figure 1.                                       Figure 2.                                       Figure 3.                                                                     

Figure 4.                                     

2. Tap on Authenticate (Figure 5) and then on Add User (Figure 6).

Figure 5.                                         Figure 6.

3. Read the instructions and then tap on Continue (Figure 7).

Figure 7.

3. Enter your Username and Password, and then tap on Continue (Figure 8). 

Figure 8.

4. An Authentication Code will be sent via SMS to the mobile phone number listed on your account (Figure 9). Enter this Authentication Code in the Activation Code field and tap on Activate (Figure 10).

Figure 9.                                                    Figure 10.

5. Depending on your smartphone's security settings, you will be asked to use your Passcode, Touch ID, or Face ID (Figure 11).

Figure 11.

6. If the activation has been successful, you will see a confirmation screen. Finally, tap on Done to complete the procedure (Figure 12).

Figure 12.

This article will guide you in completing these tasks with the following Secure Login Devices:

• IB Key (iOS)
• IB Key (Android)
• Digital Security Card (DSC+)

-----------------------------------------------------------------------------------------------------------------------------------------------------------

Verify your identity with IB Key (iOS)

1. When you initiate a task that requires a verification, you will be prompted to enter Username and Password. Fill out the information and click on Continue (Figure 1).

Figure 1.

2. A Challenge Code will be displayed, along with a passcode field to enter a response (Figure 2). You will enter this Challenge Code onto your phone.

Figure 2.

3. Launch IBKR Mobile on your iOS smartphone, and...

     3.a. If the app opens with the home screen (Figure 3), select Authenticate then proceed with step 4.

     3.b. If the app opens with the login screen (Figure 4), tap Services on the top left (red arrow), select Authenticate (Figure 3) and proceed with step 4.

     3.c. If the app opens with your Home Page, Portfolio, Watchlists, or similar (Figure 5), tap More on the bottom-right (red arrow). Then tap Two-Factor Authentication (Figure 6), tap Generate Code (Figure 7) and proceed with step 4.

Figure 3.                                           Figure 4.
     

Figure 5.                                           Figure 6.                                            Figure 7.

4. Type the Challenge Code from Client Portal (see step 2.) into the corresponding field and select Generate Passcode (Figure 8).

Figure 8.

5. Use Touch ID or Face ID for two-factor authentication.

If Touch ID has not been activated, IB Key will prompt you to enter your smartphone's passcode. A response string will then be generated (Figure 9).

     5.1 If you use Touch ID, place your registered finger on the Home Button (Figure 9). A response string will then be generated (Figure 10).

Figure 9.                                                       Figure 10.
     

     5.2 If you use Face ID, look at your iOS smartphone screen (Figure 11). A response string will then be generated (Figure 12).

Figure 11.                                                          Figure 12.
    

6. Enter the response string from IB Key into the passcode field of Client Portal and click Continue (Figure 13).

Figure 13.

-----------------------------------------------------------------------------------------------------------------------------------------------------------

Verify your identity with IB Key (Android)

1. When you initiate a task that requires a verification, you will be prompted to enter Username and Password. Fill out the information and click on Continue (Figure 1A).

Figure 1A.

2. A Challenge Code will be displayed, along with a passcode field to enter a response (Figure 2A). You will enter this Challenge Code onto your phone.

Figure 2A.

3. Launch IBKR Mobile on your Android smartphone, and...

     3.a. If the app opens with the home screen (Figure 3A), select Authenticate then proceed with step 4.

     3.b. If the app opens with the login screen (Figure 4A), tap Services on the top left (red arrow), select Authenticate (Figure 3A) and proceed with step 4.

     3.c. If the app opens with your Home Page, Portfolio, Watchlists, or similar (Figure 5A), tap More on the bottom-right (red arrow). Then tap Two-Factor Authentication (Figure 6A), followed by Generate Response (Figure 7A), and proceed with step 4.

Figure 3A.                                            Figure 4A.

Figure 5A.                                          Figure 6A.                                     Figure 7A.

4. Type the PIN that you determined during the IB Key registration process and the Challenge Code from Client Portal into the corresponding fields, then select Generate Passcode. A response string will then be generated (Figure 8A).

Figure 8A.

5. Enter the response string from IB Key into the passcode field of Client Portal and click Continue (Figure 9A).

Figure 9A.

-----------------------------------------------------------------------------------------------------------------------------------------------------------

Verify your identity with Digital Security Card+ (DSC+)

1. When you initiate a task that requires a verification, you will be prompted to enter Username and Password. Fill out the information and click on Continue (Figure 1B).

Figure 1B.

2. A Challenge Code will be displayed, along with a passcode field to enter a response (Figure 2B). You will enter this Challenge Code onto your DSC+.

Figure 2B.

3. Turn on your DSC+ using the “press” button until 'PIN>' is displayed (Figure 3B). Enter the 4-digit PIN code you specified at the time you requested the device, then confirm with the “OK” button (Figure 4B).

Figure 3B.                                                              Figure 4B.                                                    

4. When 'CHALLNG>' is displayed (Figure 5B), enter the 6-digit Challenge Code from the Client Portal screen into the DSC+, then confirm with the "OK" button (Figure 6B).

Figure 5B.                                                              Figure 6B.                                       
    

5. A response code will appear (Figure 7B).

Figure 7B.                                                  

6. Enter the response string from your DSC+ into the passcode field of Client Portal and click Continue (Figure 8B).

Figure 8B.