**TOTP** (Time-based, RFC 6238): code changes **every 30 seconds** based on current time. What Google Authenticator uses. **HOTP** (HMAC-based, RFC 4226): code based on a **counter**, changes only when you use it. **HOTP is rare in 2026**.

Why doesn't my code match the app?

Most common reasons: - **System time out of sync**: TOTP tolerates ±30s, beyond that fails - **Wrong algorithm**: SHA-256 vs SHA-1, or digit count (6 vs 8) - **60s period instead of 30** - **Typo in the secret**

Why can I pick 7 or 8 digits?

Because **the standard allows 6, 7, or 8** (RFC 6238). **6 is the de facto default**, used by 99% of services. **7 and 8 are niche**, some corporate / military systems. If your app shows 6, **keep 6**.

Does an otpauth:// URI contain the secret?

**Yes**. Format: `otpauth://totp/Service:user@example.com?secret=BASE32&issuer=Service`. When an Authenticator app **scans a QR**, that's exactly what it sees. You paste it here, **we parse it locally** and fill every field.

How long should the secret be?

**The standard recommends 160 bits** (20 bytes = 32 base32 chars). Shorter (128 bits) works but is **technically brute-forceable**. Our [TOTP secret generator](/en/totp-secret-generator) always produces **160-bit** secrets.

Can I use this instead of the Authenticator app?

**Technically yes**, the calculator returns the same codes for the same secret. **Practically**: you still need to store the secret somewhere, so you need a primary location. **Best setup**: app on phone + this calculator as fallback.

Does it work offline?

**Yes**. After the first visit the page is **cached by the service worker**, you can compute codes **without internet**. The secret **never leaves the browser**.

TOTP Code Calculator - free

TOTP code calculator

Paste a secret or otpauth:// URI to see the live 2FA code with countdown.

Secret (base32 or otpauth:// URI)

Paste an otpauth:// URI to fill every field at once.

Algorithm

Digits

Period

Secret never leaves your device. Everything runs in your browser.

How do I get my 2FA code when I lost my Authenticator phone?

Paste a TOTP secret (base32 or otpauth:// URI) and the tool shows the current 6-digit code live with a countdown to the next rotation.

Same thing Google Authenticator does on your phone, just in the browser. The secret never reaches a server.

Useful when: you lost the phone with 2FA and need access, you want a backup generator on a desktop, you're debugging a 2FA integration in your own app.

How to use it

Paste a base32 secret (e.g. "JBSWY3DPEHPK3PXP") or a full otpauth:// URI, the tool detects URIs and fills every field.

Defaults: SHA-1 + 6 digits + 30s, what Google Authenticator, Authy, 1Password use. Change only if your service requires otherwise.

The current code appears immediately with a countdown bar to the next rotation.

Click the code = copy to clipboard.

After 30 seconds the code rotates automatically, just like Authenticator on your phone.

When this is useful

Five typical situations where a TOTP calculator replaces the phone app:

Recovery. You lost / broke the phone with 2FA, but saved the secret (usually with backup codes at enrollment); paste here, get the code, sign in.
Debugging. You're writing a 2FA integration and want to verify your backend returns the same codes as Google Authenticator.
Backup. TOTP secret cross-platform sync still isn't great; keep this calculator bookmarked as a "secondary device".
Education. See how 2FA actually works: HMAC-SHA-1 + Unix time + dynamic truncation = 6-digit code.
Security audit. Test whether an app accepts weak secrets or is vulnerable to replay attacks.

To generate a fresh secret, use the TOTP secret generator.

Questions and answers

No. All compute is local: we decode the base32 secret to bytes, run HMAC-SHA-1 with Unix time via Web Crypto API, modulo the result. You can verify in DevTools (Network), no upload.

How do I get my 2FA code when I lost my Authenticator phone?

Paste a TOTP secret (base32 or otpauth:// URI) and the tool shows the current 6-digit code live with a countdown to the next rotation.

Same thing Google Authenticator does on your phone, just in the browser. The secret never reaches a server.

Useful when: you lost the phone with 2FA and need access, you want a backup generator on a desktop, you're debugging a 2FA integration in your own app.

How to use it

Paste a base32 secret (e.g. "JBSWY3DPEHPK3PXP") or a full otpauth:// URI, the tool detects URIs and fills every field.

Defaults: SHA-1 + 6 digits + 30s, what Google Authenticator, Authy, 1Password use. Change only if your service requires otherwise.

The current code appears immediately with a countdown bar to the next rotation.

Click the code = copy to clipboard.

After 30 seconds the code rotates automatically, just like Authenticator on your phone.

When this is useful

Five typical situations where a TOTP calculator replaces the phone app:

Recovery. You lost / broke the phone with 2FA, but saved the secret (usually with backup codes at enrollment); paste here, get the code, sign in.
Debugging. You're writing a 2FA integration and want to verify your backend returns the same codes as Google Authenticator.
Backup. TOTP secret cross-platform sync still isn't great; keep this calculator bookmarked as a "secondary device".
Education. See how 2FA actually works: HMAC-SHA-1 + Unix time + dynamic truncation = 6-digit code.
Security audit. Test whether an app accepts weak secrets or is vulnerable to replay attacks.

To generate a fresh secret, use the TOTP secret generator.

Questions and answers

No. All compute is local: we decode the base32 secret to bytes, run HMAC-SHA-1 with Unix time via Web Crypto API, modulo the result. You can verify in DevTools (Network), no upload.

TOTP Code Calculator

How do I get my 2FA code when I lost my Authenticator phone?

How to use it

When this is useful

Questions and answers

Related tools

TOTP 2FA Secret Generator

2FA Backup Codes Generator

Password Generator

TOTP Code Calculator

How do I get my 2FA code when I lost my Authenticator phone?

How to use it

When this is useful

Questions and answers

Related tools

TOTP 2FA Secret Generator

2FA Backup Codes Generator

Password Generator