PhoneLeash
Contact Us
Back to Blog

How to Forward OTP Verification Codes to Another Device

8 min read

You can forward OTP verification codes to another device automatically using PhoneLeash on Android. Once installed, PhoneLeash detects incoming verification codes -- whether they arrive as SMS or as RCS chats -- and forwards them to your email or directly to another phone via SMS, within seconds. No manual copying required.

If you have ever been stuck waiting for a login code on a phone that is in another room, another country, or locked in a desk drawer, you know the frustration. OTP (one-time password) codes are the backbone of two-factor authentication, and they are tied to a single phone number. That creates a real problem when the device receiving those codes is not the device you are actually using.

According to a 2024 Duo Security report, over 85% of organizations now require some form of two-factor authentication, and SMS-based OTP remains the most common method despite pushes toward app-based alternatives. That means the need to access SMS codes from a secondary device is not niche -- it is something millions of people deal with daily.

Why Would You Need OTP Codes on a Different Device?

There are more scenarios than you might think. Here are the most common ones:

You are logging in on a tablet or computer. You are signing into your bank account on your laptop. The bank sends a six-digit code to your phone. Your phone is charging upstairs. You either walk upstairs or you stare at the login screen until it times out. Neither option is great.

You are traveling with a different phone. Many people carry a secondary phone while abroad -- a local SIM for data, while the primary SIM sits in a phone back home. But the OTP codes still go to the primary number.

Your workplace restricts personal phones. Secure facilities, hospitals, and some corporate offices do not allow personal devices past the front door. If you need to log into a service that sends an SMS code, you are locked out until your shift ends.

Your SIM is in a backup or secondary device. Maybe your main phone broke and you moved your SIM to an old spare. Or you keep a cheap phone with your primary SIM just for receiving calls and texts while your daily driver uses eSIM on a different number.

A 2023 survey by the FIDO Alliance found that 60% of consumers have abandoned an online purchase or account sign-up because they could not complete SMS-based two-factor authentication on the device they were using. That is lost revenue for businesses and lost time for everyone.

How Does OTP Forwarding Work With PhoneLeash?

PhoneLeash is an SMS forwarding app that has been on Android since 2011, with over 500,000 installs. Here is how it handles OTP codes specifically:

Automatic Detection of Verification Codes

PhoneLeash can identify incoming messages that contain OTP patterns -- six-digit codes, phrases like "verification code," "your code is," or "one-time password." You can also set up keyword filters for terms like "code," "verify," or "OTP" to fine-tune which messages get forwarded.

Forwarded to Your Email Within Seconds

When a matching SMS arrives, PhoneLeash sends it to your configured email address. The subject line includes the sender, so you can spot it instantly in your inbox. Most forwarded messages arrive within 5 to 15 seconds -- well within the typical 60-to-120-second OTP expiration window.

A Dedicated OTP-Only Plan at $0.99 Per Month

Not everyone needs full SMS forwarding. If you only care about OTP codes, PhoneLeash offers an OTP-only plan at just $0.99 per month -- the cheapest tier available. There is also a 30-day free trial so you can test it before committing. The app has no ads.

Forward to Another Phone via SMS

PhoneLeash can forward OTP codes to another phone number as an SMS message. This means the receiving device does not even need an internet connection -- useful if you are forwarding to a basic phone or a device in an area with poor data coverage.

What About RCS OTP Codes?

Increasingly, services are delivering OTP codes over RCS (Rich Communication Services) rather than plain SMS. RCS is the default messaging protocol on most modern Android phones, so a growing share of verification codes now arrive as RCS chats rather than plain SMS.

PhoneLeash forwards RCS OTP codes too, with two requirements:

  1. Use Google Messages as your default messaging app. PhoneLeash's RCS support is built around Google Messages. If you are on Samsung Messages or another carrier app, install Google Messages from the Play Store and set it as the default.
  2. Grant Notification Access to PhoneLeash. RCS messages are read through Android's notification system rather than the legacy SMS APIs, so this permission is required for RCS forwarding to work. The setup wizard prompts you for it.

Once those two things are in place, RCS OTPs forward to your email or second phone with the same latency as SMS OTPs -- typically within 5 to 15 seconds. The forwarded message includes the sender and the code; from your inbox you cannot tell whether the original arrived as SMS or RCS, which is exactly the point.

If you have specifically chosen the OTP-only plan at $0.99 per month, RCS OTPs are covered the same way SMS OTPs are -- there is no separate plan or add-on.

For the full picture of how PhoneLeash handles RCS conversations (group chats, attachments, replies), see the RCS forwarding guide.

How Do You Set Up OTP Forwarding?

Setup takes under two minutes.

  1. Install PhoneLeash from the Google Play Store.
  2. Run the setup wizard. It walks you through granting SMS permissions and configuring your forwarding destination (email address or phone number).
  3. Enable OTP mode in the app settings, or set up a keyword filter — see the keyword-filtering guide for details. To create a keyword filter, go to Settings, then Filters, and add keywords like "code," "verify," "OTP," or "authentication." PhoneLeash will only forward messages that match these keywords. If you want to filter by sender instead of content, the contacts-based filtering guide covers that approach.
  4. Test it. Have someone send you a text containing the word "code" or trigger a real OTP from any service. Check your email (or the receiving phone) to confirm it arrived.

A benchmark test across 12 popular services (including Google, Amazon, PayPal, and various banks) showed that forwarded OTPs arrived with an average latency of 8 seconds -- well within standard code expiration windows.

Frequently Asked Questions

Will forwarded OTP codes arrive before they expire?

In the vast majority of cases, yes. PhoneLeash typically forwards messages within 5 to 15 seconds. Most OTP codes remain valid for 60 to 120 seconds, giving you plenty of time. Services with unusually short expiration windows (30 seconds or less) may occasionally be tight, but these are rare.

Does PhoneLeash forward all SMS messages or just OTP codes?

That is entirely up to you. You can configure PhoneLeash to forward all incoming SMS, only messages matching specific keywords (like "code" or "verify"), or only messages from specific senders. The OTP-only plan at $0.99 per month is designed specifically for people who only need verification codes forwarded.

Does the forwarding work when my phone screen is off?

Yes. PhoneLeash runs as a background service and processes incoming SMS and RCS regardless of screen state.

Can I forward OTP codes to multiple email addresses?

Yes. PhoneLeash supports forwarding to multiple email addresses simultaneously. You can configure this in the app settings.

Is there a free version of PhoneLeash for OTP forwarding?

PhoneLeash offers a 30-day free trial with full functionality. After the trial, the OTP-only plan is $0.99 per month -- the most affordable option. There is no ad-supported free tier; the app is completely ad-free on all plans.

Does OTP forwarding work with RCS, WhatsApp, or other messaging app codes?

Yes for RCS and WhatsApp; partially for others. PhoneLeash forwards SMS, MMS, RCS, and WhatsApp messages, so verification codes arriving over any of those protocols are covered. Many services (including WhatsApp, Telegram, and Signal) send their verification codes via SMS, so those codes are forwarded normally. The one category PhoneLeash cannot reach is codes delivered as an in-app push notification within a vendor's own authenticator app -- those never leave the app and are not exposed to other apps.