Is this tool safe?
This tool is designed to generate TOTP codes locally in your browser. The secret key is not sent to a server by this site.
FAQ
Answers about privacy, browser-local code generation, and TOTP compatibility.
Do you store my secret keys?
No. There is no backend database, no user account system, and no storage of your secret keys.
Is the code generated locally?
Yes. TOTP generation uses browser-side JavaScript and the Web Crypto API.
What is TOTP?
TOTP means Time-based One-Time Password. It generates short-lived verification codes from a shared secret and the current time.
What is HOTP?
HOTP means HMAC-based One-Time Password. It uses a counter instead of time. TOTP is based on HOTP with time as the moving factor.
Is it compatible with Google Authenticator?
Yes. The default settings are SHA-1, 6 digits, 30 seconds, and Base32 secret format, matching common authenticator apps.
Can I use it for business?
Yes, but for highly sensitive production workflows, use your official authenticator app and internal security policies.
Is it free?
Yes. It is a lightweight static tool site with no login requirement.