TecnoCrypter Logo

TOTP/2FA Generator

TOTP codes for authentication

Generador TOTP / 2FA
Genera códigos de autenticación de dos factores (TOTP) desde una clave secreta Base32.

¿Cómo funciona?

TOTP (Time-based One-Time Password) genera códigos de 6 dígitos que cambian cada 30 segundos. Se usa en apps como Google Authenticator, Authy y Microsoft Authenticator para añadir una segunda capa de seguridad a tus cuentas.

TOTP/2FA Generator: Codes Compatible with Google Authenticator

TOTP (Time-based One-Time Password, RFC 6238) is the standard for two-factor authentication used by Google Authenticator, Authy, 1Password, and thousands of services. Generates a 6-digit code that changes every 30 seconds, based on a shared secret + current time.

Our generator implements TOTP correctly with HMAC-SHA1/SHA256/SHA512, letting you enter a Base32 secret and see the current code + next one. Ideal for testing 2FA implementations, recovering codes from backups, or backing up an authenticator app.

IMPORTANT: this is for testing and recovery. For daily use of 2FA, always use dedicated apps like Aegis (Android), Raivo (iOS), or hardware keys like YubiKey. Never share TOTP secrets.

How does it work?

  1. 1
    Paste the TOTP secret

    Base32 secret provided by the service when enabling 2FA (usually 16-32 characters like JBSWY3DPEHPK3PXP).

  2. 2
    See the current code

    6-digit code + countdown until next code (every 30 sec).

  3. 3
    Use in the service

    Enter the code where the service requests it. Auto-refresh every 30 seconds.

Frequently Asked Questions

What algorithm does TOTP use internally?

HMAC-SHA1 (default) with the shared secret and Unix timestamp / 30 seconds. The 20-byte HMAC output is truncated to 6 decimal digits. Some services use SHA-256 or SHA-512 for greater security (rare).

Why does my code sometimes fail?

System clock desynchronization. TOTP requires that client and server have times synchronized within seconds. Enable NTP on your device (Settings > Date and time > Automatic). Some servers accept ±1 window (±30 sec) as tolerance.

Can I recover TOTP secrets if I lose my phone?

Only if you saved the backup codes or exported the secrets when enabling 2FA. If not, contact each service to reset 2FA. Best practice: use Aegis/Raivo with encrypted backup or a physical hardware key like YubiKey.