TOTP Generator
Enter a Base32 TOTP secret and get a live 6-digit one-time password that refreshes every 30 seconds — exactly as Google Authenticator, Authy, and 1Password do. Uses HMAC-SHA1 via WebCrypto (RFC 6238 compliant). 100% client-side.
Loading tool...Loading tool...
Common Use Cases
- Debug TOTP implementation against a reference
- Test 2FA setup without a phone
- Verify TOTP secret after backup
- Teach TOTP algorithm mechanics
Frequently Asked Questions
Is it safe to enter my TOTP secret here?
This tool runs 100% in your browser — the secret never leaves your device. However, as a general rule, never share your real 2FA secrets with any online tool. Use this for testing with generated or throwaway secrets only.
Related Tools
JWT GeneratorGenerate signed JWTs with custom header, payload, and secret. Supports HS256, HS384, HS512.HMAC GeneratorGenerate HMAC-SHA256 and HMAC-SHA512 signatures for message authentication and API request signing.Password GeneratorGenerate cryptographically secure passwords with custom length, character sets, and strength analysis.
Tool Info
CategorysecurityAI EnhancementNoData StorageZero retention