TOTP Generator
SecurityGenerate TOTP codes compatible with Google Authenticator and Authy. Enter a base32 secret to preview 6-digit codes and time windows. Debug 2FA implementations easily.
Base32 Secret:
Step:
Digits:
About TOTP Generator
TOTP (Time-Based One-Time Password, RFC 6238) is the algorithm behind authenticator apps. This tool accepts a base32-encoded secret and generates the current 6-digit code plus adjacent time windows—perfect for debugging 2FA enrollment flows or verifying your TOTP implementation.
Features
- ✓Real-time TOTP code generation refreshed every 30 seconds
- ✓Countdown timer showing remaining validity window
- ✓Display previous and next codes for clock-skew debugging
- ✓Accepts base32-encoded shared secrets
- ✓Compatible with Google Authenticator, Authy, and TOTP RFC 6238
- ✓Configurable time step and digit count
Common Use Cases
- Debugging 2FA enrollment in web applications
- Verifying your server-side TOTP implementation matches RFC 6238
- Testing backup code flows by generating current TOTP values
- Demonstrating how authenticator apps work in security training
- Recovering a TOTP code when your phone is unavailable
Frequently Asked Questions
QIs it safe to enter my TOTP secret here?
Use test secrets only. Never enter secrets for real accounts in any online tool—your authenticator app secret should remain confidential.
QWhy is my code not being accepted?
Clock drift is the most common cause. TOTP is time-sensitive; ensure your device clock is synchronized (NTP). Many servers accept ±1 adjacent time window.
QWhat is the base32 secret format?
Authenticator apps use base32 (RFC 4648) encoded secrets, typically shown as a QR code or a string of uppercase letters and digits like JBSWY3DPEHPK3PXP.