Free Toolkit

TOTP GeneratorGenerate time-based one-time passwords (TOTP) compatible with Google Authenticator.

TOTP Generator illustration
🔐

TOTP Generator

Generate time-based one-time passwords (TOTP) compatible with Google Authenticator.

How to Use
1

Enter Secret

Enter Base32 secret or generate random.

2

Configure

Set period and digits.

3

View Code

TOTP auto-refreshes each period.

What Is TOTP Generator?

TOTP generates short-lived numeric codes from a shared secret and current time per RFC 6238. Powers Google Authenticator and 2FA apps. Codes change every 30 seconds, computed by HMAC-SHA1 over the time step counter. This tool implements TOTP via Web Crypto API with 6/8 digit codes, configurable periods, visual countdown, and random secret generation. All processing is client-side.

Why Use Our TOTP Generator?

  • RFC 6238 compliant
  • Visual countdown timer
  • Random secret generation
  • 100% client-side

Common Use Cases

2FA Testing

Test 2FA implementations.

Development

Generate codes during dev.

Recovery

Verify secrets.

Education

Learn TOTP.

Technical Guide

TOTP extends HOTP using T = floor(unixTime/period) as counter. (1) Decode Base32 secret. (2) Compute time step. (3) 8-byte big-endian buffer. (4) HMAC-SHA1. (5) Dynamic truncation: last nibble offset, 4 bytes, mask 0x7FFFFFFF, mod 10^digits.

Tips & Best Practices

  • 1
    30s period is standard
  • 2
    160+ bit secrets
  • 3
    Keep secrets secure
  • 4
    6 digits for compatibility

Related Tools

TOTP Validator

Validate TOTP codes against a shared secret with configurable time window.

Encoding & Crypto

HOTP Generator

Generate HMAC-based one-time passwords (HOTP) with counter tracking.

Encoding & Crypto

HMAC Generator

Generate HMAC digests with multiple hash algorithms.

Encoding & Crypto

Base32 Encode

Encode text to Base32 format using the RFC 4648 standard alphabet.

Encoding & Crypto

Base64 Encode

Encode text to Base64 format instantly in your browser.

Encoding & Crypto

Base64 Decode

Decode Base64-encoded strings back to plain text instantly.

Encoding & Crypto

Frequently Asked Questions

QFree?
Yes.
QGoogle Authenticator?
Yes, same algorithm.
QSecret safe?
Yes, client-side.
QDefault period?
30 seconds.
Q8-digit?
Yes.

About TOTP Generator

TOTP Generator is a free online tool from FreeToolkit.ai. All processing happens directly in your browser — your data never leaves your device. No registration required. No ads. Just fast, reliable tools.