Skip to main content
CMD Tools

Search Tools

Search for a developer tool
Home / generators / OTP Generator

OTP Generator

Free online Time-Based One-Time Password (TOTP) generator. Generate secure 6-digit codes instantly from a Base32 secret. Fast, local, and private.

Generated TOTP

Enter a valid Base32 secret to generate OTP

The Time-Based One-Time Password (TOTP) generator allows you to create 6-digit authentication codes directly in your browser. By providing a Base32 secret key, you can generate the exact same codes as popular authenticator apps. This is particularly useful for developers testing 2FA implementations or recovering access when a phone is unavailable.

How to Use

  1. Locate the Base32 secret key provided by your service (usually alongside a QR code).
  2. Enter or paste the secret key into the input field.
  3. The tool will automatically normalize the input and display the current 6-digit code.
  4. Copy the code before the 30-second timer expires.

The tool handles standard TOTP parameters: a 30-second time step, 6-digit output, and the SHA-1 hashing algorithm, which covers the vast majority of 2FA implementations.

Key Features

  • Instant Generation: Codes update automatically in real-time.
  • Client-Side Only: All cryptographic operations occur in your browser for maximum privacy.
  • Auto-Normalization: Spaces and hyphens are automatically stripped, and characters are converted to uppercase.
  • Visual Timer: A progress bar indicates how much time remains before the current code expires.

Common Use Cases

  • Development and Testing: Easily generate codes when building and verifying 2FA features in your own applications.
  • Account Recovery: Access your accounts if you have your backup secret key but lost access to your authenticator device.
  • Automation: Quickly grab a code without reaching for your phone during repetitive tasks.

If you need to generate strong, unique secrets for users setting up 2FA, consider using the Password Generator or UUID Generator for other identification needs.

Technical Details

This generator implements the standard TOTP algorithm defined in RFC 6238. It takes the provided Base32 secret, decodes it into a byte array, and uses the Web Crypto API to generate an HMAC-SHA-1 signature based on the current Unix time divided by the 30-second time step. The signature is then dynamically truncated to produce a 6-digit code.

Because it relies on the system clock, ensure your device’s time is synchronized accurately; otherwise, the generated codes may be rejected by the server.

FAQ

What is a TOTP?

A Time-Based One-Time Password (TOTP) is a temporary passcode generated from a shared secret and the current time, commonly used for two-factor authentication (2FA).

Is this tool secure?

Yes. The generation happens entirely in your browser using the Web Crypto API. Your secret is never sent to any server.

What format should the secret be?

The secret must be a Base32 encoded string. It is typically provided by services when setting up 2FA. Spaces and dashes are automatically ignored.

Why does the code change every 30 seconds?

TOTP algorithms use the current time to ensure the code is only valid for a short duration, providing a higher level of security.

Privacy Note

All OTP generation runs locally in your browser. The Base32 secret you enter is never uploaded, tracked, or stored on our servers.

Related Tools

Hash Generator

Free online hash generator. Create MD5, SHA-1, SHA-256, SHA-384, SHA-512 hashes instantly. Compare algorithms, copy results, and learn about hash functions.

Password Generator

Generate cryptographically secure passwords instantly. Customize length, characters, and complexity.

UUID Generator

Free online UUID v4 generator. Create single or bulk UUIDs instantly. Multiple formats: standard, uppercase, no dashes, braces. Secure and private.