2FA Verification Code Generator
Generate 6-digit TOTP verification codes from a 2FA secret locally in the browser.
Codes are generated in your browser, but a 2FA secret is sensitive account-access material. Do not paste real secrets on shared devices or during screen sharing.
Current verification code
23s until the next code
Supported input
- Base32 secret:
JBSWY3DPEHPK3PXP - otpauth URL:
otpauth://totp/Issuer:account?secret=... - Common authenticator defaults: 6 digits, SHA-1, 30 seconds
This tool runs in your browser. Inputs stay local and are not sent to any server.
How to use this result
This tool implements the standard TOTP flow used by authenticator apps: decode the Base32 secret, combine it with the current 30-second time counter, sign with HMAC, then truncate the result into a short numeric code.
Generation runs in your browser with the Web Crypto API. The secret is not sent to this site, but a 2FA secret is still highly sensitive. Use this only on a device and network you trust.
Most services use 6 digits, SHA-1, and a 30-second period. If a service uses different settings, change the options before copying the code.
Examples
Authenticator secret
otpauth URL
Common questions
Q.Is the 2FA secret uploaded?
No. The code is generated in your browser. Avoid pasting real production secrets on shared or untrusted devices.
Q.Why does the code keep changing?
TOTP codes are time-based. A new code is calculated each period, commonly every 30 seconds.
Q.Can this replace an authenticator app?
It can calculate the same style of code, but a dedicated authenticator app or password manager is safer for daily storage.
Data handling notice
Browser-local processing: the main calculation or conversion runs in your browser.
No server storage: except for UI preferences such as favorites, ZHS does not store your input files or text on the server.
Sensitive-data caution: even with local processing, avoid entering production secrets, national IDs, financial data, or raw customer data into public web tools.