TOTP Secret Key Generator

How to use

1. 1️⃣
   Choose your options above
2. 2️⃣
   Click Generate
3. 3️⃣
   Copy your result

Detailed instructions

1. Set the count field to the number of secret keys you need — for example, 10 if seeding a batch of test users.
2. Set the length field to your target character count; leave it at 32 for standard 160-bit TOTP compatibility.
3. Click Generate to produce your Base32 secret keys as a list.
4. Copy individual keys or the full list, then paste them into your database seed script, test fixture, or QR code generator.

Use Cases

• •Seeding a staging database with unique 2FA secrets for 50 test user accounts
• •Pasting a key into pyotp or otplib to verify your TOTP validation logic in unit tests
• •Populating an otpauth:// URI and QR code to test authenticator app scanning end-to-end
• •Supplying realistic Base32 secrets in API documentation and Postman collection examples
• •Generating demo secrets for a security-awareness training session on 2FA enrollment flows

Tips

• →Generate secrets at length 32 by default; only go to 64 if a specific hardware token or spec explicitly requires longer seeds.
• →Combine a generated secret with the pyotp or otplib verify function immediately — confirm the library accepts it before building enrollment logic around it.
• →When using secrets for QR code demos, pair them with a fixed account name and issuer in the otpauth URI so the authenticator app labels them clearly.
• →Generate a batch of 20-50 keys at once to populate a test-user seed file; it's faster than running the generator repeatedly for each row.
• →Never log generated secrets in console output or test reports, even in development — build that discipline early so it carries into production code.
• →If your TOTP library throws an invalid-secret error, check that you haven't accidentally included padding characters (=) — strip them before storing or passing the key.

FAQ