The TOTP Token Generator produces time-based one-time passwords from a base32 secret using the exact algorithm defined in RFC 6238, all inside your browser. It is built for developers verifying a 2FA implementation, QA engineers reproducing login flows, and anyone who needs an offline authenticator code without installing an app. Because the calculation uses the Web Crypto API locally, the secret never leaves your device.
How it works
TOTP is HOTP (RFC 4226) with a time-derived counter. The steps the tool performs are:
- Decode the secret from base32 (alphabet A-Z2-7) into raw bytes.
- Compute the counter as T = floor(unixSeconds / period), then encode it as an 8-byte big-endian value.
- HMAC-SHA1 the counter using the secret as the key, via crypto.subtle.sign.
- Dynamically truncate the 20-byte MAC: the low nibble of the last byte gives an offset; read 4 bytes there, mask the top bit, take the result modulo 10^digits, and zero-pad to the chosen length.
The countdown bar shows how long the current window lasts, and the previous and next codes correspond to T-1 and T+1.
Tips and example
A common test secret is JBSWY3DPEHPK3PXP, which decodes to the bytes of Hello! followed by 0xde 0xad 0xbe 0xef (the string Hello!\xde\xad\xbe\xef). Paste it with a 30-second period and 6 digits to see a code that matches reference TOTP libraries.
If your server rejects a code that looks correct, check three things: the period (30 versus 60 seconds), the digit count, and clock skew. The previous/next codes shown here are exactly what a skew-tolerant server would also accept, so they are the fastest way to confirm whether a mismatch is a timing issue rather than a secret-decoding bug.