About The TOTP Generator

TOTP Generator creates time-based one-time passcodes from Base32 secrets using the standard HMAC-SHA-1 counter flow. It is useful for testing MFA setup, authenticator compatibility, and timing settings.

Generation runs locally in your browser. Avoid pasting live MFA enrollment secrets into shared or recorded environments.

How to Generate TOTP Codes Online

1. Enter the Base32 secret from your test MFA setup.
2. Set the digit count and period to match the target service.
3. Click Generate TOTP and use the current code before the period expires.

Choosing Options Correctly

Digits:
Most services use 6 digits, but some use 8 or other lengths.

Period:
Most services use 30 seconds. A different period must match the server configuration exactly.

Common Use Cases

• Testing an MFA implementation with a sample secret.
• Debugging rejected codes caused by wrong period or digit settings.
• Checking whether a Base32 secret parses correctly.

Quick FAQ

Why is my code rejected?
Check the Base32 secret, clock time, period, digits, hash algorithm, and account setup. Time drift is a common cause.

Should I paste a real MFA secret?
No. Treat MFA seeds like passwords. Use test secrets unless you fully trust the environment.

Does the tool store the Base32 secret?
The page is meant for calculation, but you should still avoid exposing real secrets and close the page when finished.

Can I rely on this for production MFA operations?
Use it for debugging or testing only. Production MFA should stay in an authenticator app or managed identity system.