In development. RVNT is pre-release — not yet security-audited. Source code, public builds, and the iOS / App Store release aren’t available yet. See the roadmap →

TOTP / 2FA Code Generator

Time-based one-time codes (RFC 6238).

Runs entirely in your browser — nothing you enter is uploaded, logged, or tracked.

Paste a base32 secret (the key behind a 2FA QR code) to generate the current 6-digit time-based one-time password and watch it refresh every 30 seconds — exactly what an authenticator app produces. Useful for testing, backups or verifying a setup. The secret never leaves your browser.

🔒 Computed on this page only — your secret makes no network request and is never stored.

Frequently asked questions

Is my secret sent anywhere?

No. The code is computed locally with HMAC in your browser; the secret is never transmitted or stored. Still, only paste secrets you control.

Does it match Google Authenticator?

Yes — it implements standard TOTP (RFC 6238): HMAC-SHA1, 30-second steps, 6 digits, which is what Authy, Google Authenticator and most 2FA apps use.

What format is the secret?

Base32 (letters A–Z and digits 2–7) — the format shown under “manual entry” / “can’t scan the code” on 2FA setup screens. Spaces are ignored.

Can I change the digits or period?

Yes — set 6/7/8 digits and the time step, and choose SHA-1/SHA-256/SHA-512 for services that use them.

Related tools

Password Generator Strong, random passwords — generated locally. Hash Generator SHA-1, SHA-256, SHA-384 & SHA-512. JWT Decoder Decode a JSON Web Token, locally.

Built by a privacy company

These tools never phone home — the same principle as RVNT itself: a post-quantum, end-to-end-encrypted, peer-to-peer messenger with no servers and no tracking.

Get RVNT All tools