2FA / TOTP Code Generator
Generate RFC 6238 TOTP codes from a Base32 secret key — exactly like Google Authenticator or Authy. Shows current, previous and next codes with live countdown.
Free · No credit card · 50 credits/day
How TOTP works
Four steps — all computed locally with no server round-trip needed.
The Base32 secret key from the QR code setup is decoded into raw bytes — the shared secret between your app and the server.
Divide the current Unix timestamp by the period (30s): counter = floor(time() / 30). Both your device and the server compute the same counter independently.
Run HMAC-SHA1 with the secret as the key and the 8-byte big-endian counter as the message. The result is a 20-byte hash.
Use dynamic truncation on the hash to extract 4 bytes, interpret as an integer, take modulo 10^digits. Pad to 6 (or 8) digits with leading zeros.
Developer use cases
When building a TOTP-based 2FA system, paste the test secret here to verify your implementation produces the same codes as the standard algorithm.
TOTP failures are often caused by server clock drift. Use this tool alongside your app to confirm whether codes match — if they do here but not in your app, the problem is server time sync.
E2E tests for 2FA login flows need a live TOTP code. This tool lets you quickly grab a current code during manual test runs.
Scan a QR code, extract the secret from the otpauth:// URI, and verify it generates valid codes before presenting to users during 2FA enrollment.
Testing only. Never paste real production TOTP secrets — your real bank, email or work 2FA secrets — into any online tool. This tool is for development and testing with test accounts only.
Frequently asked questions
Generate a TOTP code now
Free account. 50 credits per day. Access to 75+ tools instantly.
Create free account →