wyreup
inspect

TOTP Code

Generate the current RFC 6238 TOTP code from a base32 secret. Compatible with Google Authenticator, Authy, 1Password, and the rest. Nothing leaves your device.

Loading…

About TOTP Code

TOTP Code generates the current RFC 6238 time-based one-time code from a base32 secret, the same six-digit code your authenticator app would show. It works with secrets from Google Authenticator, Authy, 1Password, and any standard TOTP service. It is useful for testing a 2FA setup, recovering access from a stored secret, or scripting a login flow. The code is computed in your browser and the secret never leaves your device.

Category
inspect
Input
Accepts: */*.
Output
Outputs: application/json.
Cost
Free, runs in your browser
Memory
low
Privacy: TOTP Code runs entirely on your device. Files you provide never leave your browser — no uploads, no server, no tracking. The page works offline once loaded.

Common uses

  • Get into an account when your phone's authenticator app is unavailable but you saved the secret
  • Test that a newly issued TOTP secret produces the codes your app expects
  • Verify a 2FA enrollment during development without a physical device
  • Recover access using a backup of the original base32 setup key
  • Confirm two authenticator apps are in sync by comparing generated codes
  • Debug clock-skew issues by checking the code your secret should produce right now

Frequently asked questions

Is it safe to paste my TOTP secret here?

The secret is used only in your browser to compute the code locally and is never transmitted. Still, treat a TOTP secret like a password and only use it on a trusted machine.

Which apps is this compatible with?

Any RFC 6238 service, including Google Authenticator, Authy, 1Password, and similar authenticator apps.

What format does the secret need to be?

A base32-encoded secret, the string an authenticator service gives you when you set up 2FA (often shown alongside the QR code).

Why does the code keep changing?

TOTP codes are time-based and rotate every 30 seconds. The tool computes the code valid for the current window.

What does the output include?

A JSON result with the current one-time code so you can read it or pass it into another step.

Keywords

  • totp
  • otp
  • 2fa
  • auth
  • mfa
  • authenticator
  • rfc6238
  • rfc4226
  • one-time

Try next

Base32
convert

Encode or decode the base32 secret that feeds the TOTP generator.
QR Code
create

Turn an otpauth secret into a QR code to enroll it in an authenticator app.
Password Strength
inspect

Pair strong passwords with 2FA by checking password entropy first.
Color Palette
inspect

Extract dominant colors from an image as hex codes.
Image Diff
inspect

Pixel-level diff between two images of the same dimensions.
Image Info
inspect

Extract dimensions, format, and metadata from an image.
PDF Info
inspect

Extract page count and metadata from a PDF.
Hash
inspect

Compute SHA-256, SHA-1, or SHA-512 hashes of files.
JSON Formatter
inspect

Parse and pretty-print JSON with configurable indentation.
Extract PDF Tables
export

Extract tabular data from a PDF as JSON or CSV. Works well for simple tables with aligned columns and no merged cells. Complex tables, rotated text, and scanned PDFs (images) will not extract cleanly.
Topic Keywords
text

Pull the topic-bearing nouns and noun phrases out of any text. Answers "what is this about" — not "what words appear most" (try Text Frequency for that). Runs entirely in your browser.