Skip to main content
Back to Tools
Web Tools

TOTP Generator

Generate Time-based One-Time Passwords (RFC 6238) from Base32 secrets. Configure period, digits, and algorithm (SHA-1, SHA-256, SHA-512). Generate otpauth:// URIs for QR codes. Runs entirely in your browser — your data never leaves your machine.

totp 2fa otp security authentication rfc6238

Published May 31, 2026

All interactive tools run entirely in your browser. Your data never leaves your device.

How It Works

Enter a Base32-encoded secret and the tool generates the current TOTP code using the HMAC-based One-Time Password algorithm. A countdown shows time remaining in the current period.

Features

  • RFC 6238 compliant: standard TOTP algorithm using Web Crypto HMAC
  • Configurable algorithm: SHA-1 (default), SHA-256, SHA-512
  • Configurable period: 30s default, adjustable
  • Configurable digits: 6 (default), 7, or 8 digit codes
  • Base32 validation: validates secret format before generation
  • URI generation: otpauth:// URI for QR code provisioning
  • Live countdown: shows seconds remaining in current period
  • 4 examples: GitHub, Google, AWS, custom configuration
  • Private: runs entirely in the browser — no data transmitted

Use Cases

  • Testing 2FA implementations during development
  • Generating TOTP codes for service accounts
  • Verifying TOTP secret configuration
  • Generating otpauth:// URIs for QR code provisioning