正在加载,请稍候…

OTP code generator

Generate and validate time-based OTP (TOTP) and HMAC-based OTP (HOTP) for multi-factor authentication. Supports custom secrets and step intervals.

How to Use

  1. Step 1: Enter your TOTP secret key from your authenticator app.
  2. Step 2: The current OTP code is displayed with a countdown timer.
  3. Step 3: Copy the 6-digit code to authenticate.

Frequently Asked Questions

What is OTP / TOTP?

OTP is a password valid for only one session. TOTP generates a new code every 30 seconds using a shared secret and the current time.

What is the standard algorithm?

TOTP is defined in RFC 6238 and uses HMAC-SHA1. Used by Google Authenticator and Authy.

What is the difference between TOTP and HOTP?

TOTP (Time-based OTP) generates a code based on the current time, refreshing every 30 seconds — used by Google Authenticator. HOTP (HMAC-based OTP) uses an incrementing counter instead of time, suitable for hardware tokens and offline scenarios where clock sync is not guaranteed.

What is the difference between TOTP and HOTP? Which should I use?

TOTP (time-based) is an extension of HOTP (counter-based), using the current timestamp instead of a counter. TOTP refreshes every 30 seconds — even if an OTP is intercepted it expires quickly — and is the standard used by Google Authenticator, Authy, and other apps. HOTP is based on an incrementing counter and does not require time synchronization, making it suitable for offline hardware tokens. Modern 2FA almost universally uses TOTP (RFC 6238).