000000
Secret key must be base32 encoded, 16~128 characters in length

Free online TOTP generator, no installation required, compatible with Google Authenticator, supports Time-based One-Time Password (TOTP) generation;

  • Secret Key: Must be valid base32 encoded, 16~128 characters in length;
  • Generate Random Key: Creates a random 64-character key;

Uses HMAC-SHA1 algorithm for hashing, generates 6-digit codes with 30-second time windows;

TOTP Principles

TOTP (Time-Based One-Time Password) is a dynamic password generation algorithm widely used for two-factor authentication (2FA), defined by RFC 6238. It can generate time-changing one-time verification codes without requiring network connectivity;

TOTP workflow:

  1. Shared Secret: A base32 encoded secret key is pre-shared between user and server;
  2. Time Counter: Current Unix time (in seconds) divided by fixed time step (typically 30s) to get counter value;
  3. HMAC Calculation: Uses HMAC-SHA1 algorithm with secret key and time counter as input;
  4. Truncation: Extracts 4-byte portion from hash result, converts to integer, then mod operation generates fixed-length code (typically 6 digits);

Using Google Authenticator

Google Authenticator is a free two-factor authentication (2FA) app provided by Google to enhance account security. It generates one-time passwords (OTP) as secondary verification for logins, commonly used to protect Google, Facebook, GitHub, Dropbox and other accounts.

  • Open Google Authenticator app;
  • Tap the + button at bottom right;
  • Select Enter a setup key;
  • Enter details:
    • Account Name: Service name
    • Key: base32 encoded (can be generated on this page)
    • Key Type: Time-based
  • Click Add;

After adding, it will automatically generate 6-digit codes that refresh every 30 seconds;