TOTP Generator
Generate Time-based One-Time Passwords (TOTP) for two-factor authentication.
TOTP Generator β 2FA Code Generator Online
TOTP Generator creates time-based one-time passwords using the TOTP algorithm (RFC 6238) with HMAC-SHA1, compatible with all standard authenticator apps.
Enter your TOTP secret key (usually provided as a Base32-encoded string when you set up two-factor authentication) and click Generate. The tool computes the current 6-digit time-based one-time password using the TOTP algorithm with HMAC-SHA1 and 30-second time steps. A countdown timer shows how many seconds remain before the code expires and a new one generates. The generated codes match those from authenticator apps like Google Authenticator or Authy when using the same secret key. All computation runs locally in your browser using the Web Crypto API.
Developers testing TOTP authentication systems generate codes manually to verify their server-side validation logic works correctly. Users who lost access to their authenticator app but saved their secret keys use this to generate codes and regain account access. Security engineers audit TOTP implementations by generating expected codes and comparing them to what the system accepts. Backend developers troubleshoot time synchronization issues by generating codes at specific timestamps to test drift tolerance.
TOTP codes are only valid for a narrow time window (typically 30 seconds), so ensure your system clock is accurate or codes won't validate. Secret keys are case-insensitive but must not contain spaces or dashes; remove formatting if you copied from a source that includes separators. Save your secret key somewhere secure; if you lose it and your authenticator app, you'll need account recovery. Most systems accept codes from the current and previous time window to account for clock drift and user typing speed. This tool is compatible with RFC 6238 TOTP standard, so codes work with any compliant service.
All processing happens directly in your browser. Your files never leave your device β no server uploads, no cloud storage, no data retention. The tool works offline once loaded, requires no registration, and is completely free with no usage limits.
Frequently Asked Questions
What is TOTP?
TOTP (Time-based One-Time Password) is an algorithm that generates temporary codes using a shared secret and the current time. It is the standard behind Google Authenticator and similar apps.
Where do I find my secret key?
When setting up 2FA, the service provides a QR code or a Base32 secret key (like JBSWY3DPEHPK3PXP). This is the key you enter here.
Is this compatible with Google Authenticator?
Yes. TOTP is a standard (RFC 6238). This tool generates the same codes as Google Authenticator, Authy, Microsoft Authenticator, and others.
Is my secret key safe?
Yes. Everything runs locally in your browser. Your secret key is never stored or transmitted to any server.
Why is my code different from my authenticator app?
Ensure your device clock is accurate. TOTP codes depend on the current time. Even a few seconds of clock drift can produce different codes.