Extra login security with multi–factor authentication

Give your account security a boost and help prevent financial loss by adding a layer of protection when you log in.

An extra security step at login not only helps prevent scammers from accessing your accounts and data—even if they somehow managed to steal your password—it can also give you a heads up if someone is trying to log into your account without your permission. 

Multi–factor authentication (MFA) options

Approve logins with your Fidelity mobile app

Approve or deny a notification on your mobile device when there’s an attempt to log into your account on the Fidelity website. If you’re enrolled in biometrics on your Fidelity Investments mobile app – such as facial ID or fingerprint – and have push notifications enabled, you’ll receive a notification that alerts you of the login.

Make sure you’ve downloaded the Fidelity Investments mobile app and have set up biometric login, like fingerprint or facial recognition, and have enabled notifications.

Connect an authenticator app

Authenticator apps provide you with a unique code to enter after your username and password. These codes change frequently in your authenticator app, so they are resistant to phishing scams and other fraudulent activities.

After downloading an authenticator app from your device’s app store, it can be connected directly to your Fidelity account. We allow connections to most authenticator apps, including ones that are widely used, such as Microsoft Authenticator and the Passwords app for iOS.

You can connect an authenticator app in your security settingsLog In Required or in your Fidelity Investments mobile app.

More ways to secure your login

Trust your personal devices

Bypass multi–factor authentication after logging in when using a personal device that you trust. By checking the "Don't ask me again on this device" box, that device is added to your trusted device list, which can be reviewed and managed in your security settings. Once a device is trusted, we won’t ask you to log in with a second authentication step anymore. However, we’ll still rely on MFA for certain sensitive transactions.

Never choose to remember public devices, like library computers, or a device using a public, unsecured Wi-Fi network to access your accounts.

Make sure your contact information is up to date

Accurate contact information supports security by allowing you to receive real-time alerts for important transactions, such as updates to your profileLog In Required information, or transferring money from your accounts.

Confirm or update your email and mobile phone number in your profile, so you can receive important security information.

View this page in Spanish


Multi-factor authentication FAQs

  • Which authenticator app should I use?
    If you already have an authenticator app that you use for work or other personal accounts, you can connect your Fidelity account directly. If you aren’t already using one, you can search for “authenticator app” in your mobile device’s app store to find one that works for you. Fidelity allows you to use most of them, including Microsoft Authenticator and the Passwords app for iOS.
  • Do I have to enter an authenticator app code each time I log in?
    By default, yes, you will enter a code from your authenticator app each time you log in. However, you can skip this step by selecting “Don’t ask me again on this device.” We will then trust the device and won’t require you to go through multi-factor authentication at log in—but that extra step may still be required for certain transactions. You can manage your trusted devices in your security settings.
  • What should I do if I get a new mobile device?
    When getting a new device, set up and connect your authenticator app before disposing of your old device. Some authenticator apps make it easy to transfer connections to a new phone by scanning a QR code on your old device.
  • How do I prevent losing access to my authenticator app?
    Options vary across apps, but saving any recovery codes from your app in a secure place is suggested.
  • How do I stop using an authenticator app?
    If you decide to stop using the authenticator app, go to your security settings to remove it as a multi-factor authentication option before deleting the app from your device.
  • What should I do if I lose access to my device or authenticator app?
    Give us a call, we’ll get you back into your account.
  • How can I protect my authenticator app account?

    Be sure to enroll in the security options your authenticator app offers. You can also protect the device the app is on by keeping it in a safe place, installing software updates when available, and using biometrics (fingerprint or facial ID) to log in.

    Remember, if you get an unrequested call or text asking for your Fidelity security code, stop. It's a scam. Never read back a security code unless you initiated a call to our official phone number. Never type the code into your phone or a website unless you are clearly on an official Fidelity app or website.

  • What transactions require extra security steps?
    You will be prompted to verify your identity when you perform sensitive transactions such as setting up new bank instructions or changing your contact information. It is possible you may not get prompted for additional verification during the transaction because we will have already verified your identity when you logged in.
  • What transactions require extra security steps?
    You will be prompted to verify your identity when you perform sensitive transactions such as setting up new bank instructions or changing your contact information. It is possible you may not get prompted for additional verification during the transaction because we will have already verified your identity when you logged in.
  • What if I am not seeing the 'Don't ask me again on this device' checkbox?
    Check your security settings to see if you have already trusted the device. If the device is not trusted, try clearing your internet browser's history or cache. The process for doing this will vary depending on your specific browser.
  • What should I do if the one-time passcode doesn't work?

    Make sure you're using the security code that's in the text message itself, not the incoming number from the sender. If this doesn't solve the problem, select, "Request a new code."

    Complete the steps for requesting a new code. If you're receiving the code by phone, make sure you are near that phone. We can only send text messages to a mobile phone.