TOTP Generator
000000
Refreshes in: 30 seconds
What is TOTP?
Time-based One-Time Password (TOTP) is a computer algorithm that generates a one-time password that uses the current time as a source of uniqueness. It is used as a second factor in two-factor authentication (2FA) to provide an additional layer of security beyond just a username and password.
How it Works
- TOTP combines a secret key with the current time to generate a unique code
- The code changes every 30 seconds, making it temporary and more secure
- Both the server and client must be time-synchronized
- The algorithm is standardized in RFC 6238
Security Principles
- Time Sensitivity: The code is only valid for a short period, limiting the window of opportunity for attacks
- One-time Use: Each code can only be used once, preventing replay attacks
- Two-Factor Authentication: TOTP provides something you have (the device generating codes) in addition to something you know (password)
- Cryptographic Security: Uses HMAC-SHA1 for secure code generation