Free TOTP Code Generator (2FA One-Time Passwords)
Turn a Base32 secret or otpauth:// URI into live two-factor codes · the same math your authenticator app runs, right in your browser.
Frequently asked
Is it safe to paste a real 2FA secret?
Codes are computed entirely in your browser via Web Crypto · the secret is never sent to a server or stored. Still, it's best suited to testing your own TOTP implementation, debugging enrollment QR codes, or machines you trust · for live account secrets, prefer your authenticator app.
Why doesn't the code match my authenticator app?
Almost always clock drift or mismatched parameters. Both sides derive codes from the current time, so check your system clock first · then confirm digits (6 vs 8), period (30s vs 60s), and algorithm (SHA-1 is the default nearly everywhere) match the server's enrollment settings.
What's inside an otpauth:// URI?
It's what 2FA QR codes encode: otpauth://totp/Issuer:account?secret=BASE32&issuer=…&digits=6&period=30&algorithm=SHA1. Paste one here and the tool extracts the secret and parameters automatically.
Which apps and servers is this compatible with?
Google Authenticator, Authy, 1Password, Bitwarden, Apple Passwords, and virtually every 2FA server implement RFC 6238 · exactly what this generator implements, verified against the RFC's official test vectors.
Run a full security scan →