Skip to content

TOTP Generator

Generate TOTP codes from base32 secrets or otpauth:// URIs. 30-second countdown, encrypted local storage, and next-code preview. Runs in your browser.

FreeNo SignupNo Server UploadsZero Tracking

Create a TOTP Vault

Choose a passphrase to encrypt your TOTP entries. They will be stored in localStorage, encrypted with AES-256-GCM.

How to Use TOTP Generator

  1. 1

    Create or unlock vault

    Set a passphrase to encrypt your TOTP entries. On return visits, enter the same passphrase to unlock.

  2. 2

    Add entries

    Enter a base32 secret key manually, or paste an otpauth:// URI from your authenticator app setup.

  3. 3

    Use your codes

    Codes refresh every 30 seconds with a visual countdown. Click Copy to copy any code to your clipboard.

Frequently Asked Questions

Secrets are encrypted with AES-256-GCM using a key derived from your passphrase via PBKDF2 (100,000 iterations). The encrypted data is stored in your browser's localStorage.

For most use cases, yes. The encryption is strong. However, a dedicated hardware key (YubiKey) or a phone-based app is recommended for high-security accounts because they are isolated from your browser.

TOTP (Time-based One-Time Password) is the algorithm behind apps like Google Authenticator. It combines a shared secret with the current time to generate a 6-digit code that changes every 30 seconds.

It is a standard URI format that encodes the TOTP secret, account name, and issuer. QR codes in 2FA setup pages encode this URI. You can usually find it as a 'Can't scan?' link.

Your entries cannot be recovered. The encryption is one-way without the passphrase. You would need to re-enroll your 2FA with each service.