2FA/TOTP Generator
Generate TOTP codes from a secret key
Security & Privacy
All codes are generated locally in your browser using the Web Crypto API — no backend involved
Your secret key is never sent to any server. This page contains no tracking or analytics code
No secrets or codes are stored or logged. Closing the page immediately frees all data from memory
Uses the standard TOTP algorithm (RFC 6238), fully compatible with Google Authenticator and similar apps
About TOTP/2FA Generator
Frequently Asked Questions
What is TOTP / Two-Factor Authentication (2FA)?▼
TOTP (Time-based One-Time Password) is a form of two-factor authentication. It generates a short-lived numeric code based on a shared secret and the current time, providing an extra layer of security for account logins.
Is it safe to use this online tool?▼
Yes. This tool performs all computations locally in your browser using the built-in Web Crypto API. Your secret key never leaves your device. There are no network requests, no server-side processing, and no data storage.
Will my secret key be uploaded to a server?▼
Absolutely not. This is a purely static frontend page — all computation happens in the browser. You can disconnect from the internet and verify this yourself.
How long is a generated code valid?▼
Each code is valid for 30 seconds (the standard TOTP period). The countdown progress bar on the page shows the remaining time, and a new code is automatically generated when the period expires.
Which platforms and apps are supported?▼
Any platform that uses the standard TOTP protocol, including Google, GitHub, Microsoft, AWS, Cloudflare, Discord, Twitter/X, and more. As long as the service provides a Base32-encoded secret key, it will work.
Why doesn't the generated code match my authenticator app?▼
Please make sure your device's system clock is accurate. TOTP relies on precise time synchronization — even a few seconds of drift can cause mismatched codes. Check that automatic time sync is enabled on your device.