2FA Generator
Client-side TOTP generator • RFC 6238
How to Use This Tool
1. Enter Your Secret: Paste your Base32-encoded TOTP secret key from your authenticator app setup.
Quick Option:
2. View Code: Your 2FA code appears instantly with a countdown timer showing time remaining.
3. Copy: Click the code to copy it to your clipboard for quick login.
Advanced Options:
Digits: Choose between 6, 7, or 8 digit codes (most services use 6).
Period: Set refresh interval—15s, 30s, or 60s (default is 30s).
Algorithm: Select SHA-1, SHA-256, or SHA-512 based on your service requirements.
All codes are generated locally in your browser following RFC 6238 standards.
TOTP Generator: FAQ
TOTP is a temporary passcode algorithm that generates a unique code based on the current time and a shared secret key. It's the standard behind most 2FA apps like Google Authenticator, Authy, and Microsoft Authenticator, defined in RFC 6238.
A Base32 secret is an encoding format using letters A-Z and digits 2-7. When you set up 2FA, the service provides this secret (often shown as a QR code). It typically looks like "JBSWY3DPEHPK3PXP" and is case-insensitive.
No. Your secret key never leaves your browser. All TOTP calculations happen entirely client-side using the Web Crypto API. Nothing is sent to any server, and no data is stored in cookies or localStorage.
Common causes: (1) Incorrect secret key—verify it matches exactly. (2) Wrong settings—check if your service uses non-standard digits, period, or algorithm. (3) Time sync—ensure your device clock is accurate. Most services use 6 digits, 30s period, and SHA-1.
Digits: Length of the generated code (6, 7, or 8). Period: How often the code refreshes (15s, 30s, or 60s). Algorithm: The hash function used (SHA-1, SHA-256, or SHA-512). Most services use 6 digits, 30s, and SHA-1 by default.