The MAS has made two-factor authentication mandatory for online financial services. This guide provides a step-by-step process for OANDA clients to enable 2FA on their accounts for enhanced security and peace of mind.
Introduction to 2FA requirement
The Monetary Authority of Singapore (MAS) has moved to strengthen the security of online financial services. From 12 September 2025, two-factor authentication (2FA) has been made be mandatory for all clients accessing trading accounts and investor portals in Singapore (MAS FAQ).
This move is part of MAS’ continued effort to safeguard investors from cyber risks, account takeovers, and fraudulent access. Simply put: even if someone manages to steal your password, 2FA ensures they can’t access your account without a second verification step.
For OANDA clients, enabling 2FA is straightforward—and essential. Here’s why it matters and how to set it up before the deadline
Why has MAS made this change to 2FA regulation
According to MAS:
“Two-factor authentication (2FA) for system login can be based on any two of the factors, i.e. What you know (e.g. PIN), What you have (e.g. One-Time Password token), and Who you are (e.g. Biometrics). When implemented properly, 2FA offers much greater protection against hacking than single-factor password authentication, and helps safeguard accounts even when passwords have been compromised.”
— MAS FAQ Q1
In addition:
In addition:
- Mandatory for FIs: MAS requires all licensed or exempt financial institutions to deal in capital markets products under Section 99 of the Securities and Futures Act (SFA) to make 2FA mandatory at login for online accounts (MAS FAQ Q2).
- No access without 2FA: Customers will lose access to their accounts if 2FA is not enabled by the deadline (MAS FAQ Q3).
- Broader security expectations: MAS also expects brokers to implement complementary measures like trade notifications, strong password policies, and advanced surveillance systems (MAS FAQ Q4).
The timeline is clear: financial institutions must implement 2FA by 12 September 2025 (MAS FAQ Q5).
How OANDA implements 2FA
At OANDA, we’ve integrated 2FA across our platforms to align with MAS’ requirements. Once enabled, you’ll need both:
- Your password, and
- A time-sensitive code from an authenticator app,
to log in to your account.
This protects your funds and trading activities across OANDA Hub, OANDA Platforms, TradingView, and MetaTrader 4 (MT4). We recommend the Google Authenticator app which can be downloaded for free on the Apple App Store or Google Play Store.
Step-by-step guide: Enabling 2FA on your OANDA account
For OANDA Hub, OANDA Platforms & TradingView accounts
Follow these steps to enable 2FA on your OANDA account:
1. Initial Login
- Log in to OANDA. You will be prompted to activate 2FA.
- Copy the key displayed under the QR code on the webpage. Keep this key safe; it is your recovery code should you lose access to your authenticator app.
2. Using an Authenticator App (Standard Method)
- Launch your authenticator app (e.g., Google Authenticator).
- Scan the QR code on the OANDA webpage.
- Copy the One-Time Password (OTP) generated by the app.
- Input the OTP on the OANDA webpage.
- Select Activate 2FA.
3. Setting Up with Recovery Code (Mobile/Unable to Scan)
If you logged in via a mobile device or are unable to scan the QR code, you can use the recovery code you saved:
- Launch Google Authenticator.
- Select "Enter a setup key".
- Under Account Name, input "oanda".
- Paste the Recovery Code you copied earlier as your key.
- Leave Type of key as time based.
- Add.
- Copy the OTP generated.
- Input the OTP on the OANDA webpage.
- Select Activate 2FA.
For MetaTrader 4 (MT4) users
Note: You must set up 2FA for each MT4 account separately. This process is done within the MT4 mobile app; you cannot enable 2FA through the MT4 desktop application.
- Accessing the OTP Generator
Launch the MT4 mobile app.
Android users: Select the hamburger button (usually three horizontal lines), go to Manage accounts, and tap the shield icon at the top right corner.
Apple users: Select OTP under Settings.
You will be prompted to set a four-digit code. This code will be required every time you access the OTP generator within the app.
- Binding the Account
Select bind to account.
Enter your MT4 login credentials (account number and password).
This binds the OTP generator on your device to your MT4 account.
What if you lose access to your 2FA device?
If you no longer have access to your authenticator app or device:
- Use the recovery code you saved during setup.
- Should you require any support, please chat with us at help.oanda.com or email us at frontdesk@oanda.com.
MAS’ mandatory 2FA regulation is a welcome step to protect Singapore investors against online threats. For OANDA clients, enabling 2FA is not just about compliance — it’s about ensuring uninterrupted, secure access to your trading account.
Set up your 2FA today and trade with peace of mind knowing your account is safeguarded with the latest in security standards.
For more details, you can read the MAS FAQ on Two-Factor Authentication.
