In development. RVNT is pre-release — not yet security-audited. Source code, public builds, and the iOS / App Store release aren’t available yet. See the roadmap →

HOTP Generator

Counter-based one-time codes (RFC 4226).

Runs entirely in your browser — nothing you enter is uploaded, logged, or tracked.

HOTP is the event/counter-based sibling of TOTP — the algorithm behind many hardware OTP tokens. Enter a base32 secret and a counter value to compute the matching 6–8 digit code (RFC 4226) and step the counter. Everything is computed locally; the secret never leaves your browser.

🔒 Computed on this page only — your secret makes no network request.

Frequently asked questions

How is HOTP different from TOTP?

HOTP uses a counter that increments each time a code is used; TOTP uses the current time. Both use HMAC and the same truncation — TOTP is essentially HOTP with the counter derived from the clock.

Does it match RFC 4226?

Yes — standard HOTP (HMAC-SHA1, dynamic truncation), so counter 0 of the RFC test secret produces 755224, counter 1 produces 287082, and so on.

Is my secret sent anywhere?

No — it is computed in your browser with the Web Crypto API; the secret is never transmitted.

Related tools

Password Generator Strong, random passwords — generated locally. Hash Generator SHA-1, SHA-256, SHA-384 & SHA-512. JWT Decoder Decode a JSON Web Token, locally.

Built by a privacy company

These tools never phone home — the same principle as RVNT itself: a post-quantum, end-to-end-encrypted, peer-to-peer messenger with no servers and no tracking.

Get RVNT All tools