TOTP (Time-based One-Time Password) is the standard behind most authenticator apps. It generates a 6-digit code that changes every 30 seconds.

2FA Code Generator

Generate TOTP codes for testing two-factor authentication.

------

30s

Secret Key

How TOTP Works

TOTP (Time-based One-Time Password) is defined in RFC 6238. It combines a shared secret key with the current time to generate a 6-digit code that changes every 30 seconds.

The algorithm: take the current Unix timestamp, divide by 30 (the time step), compute an HMAC-SHA1 with the secret key, and extract 6 digits from the result. Both the server and your authenticator app perform the same calculation independently.

This tool is for testing and development. For production 2FA, use a dedicated authenticator app like Google Authenticator, Authy, or 1Password — they store your secrets securely on your device.

Protect your 2FA: check your password strength and test for DNS leaks to ensure your accounts stay secure.

FAQ

What is TOTP?

TOTP (Time-based One-Time Password) is the standard behind most authenticator apps like Google Authenticator, Authy, and 1Password. It generates a 6-digit code that changes every 30 seconds based on a shared secret key.

Is this safe to use?

This tool generates codes entirely in your browser. No secret keys are sent to any server. Use it for testing and development — for real 2FA, use a dedicated authenticator app.