back to main page 2

Time-based One-time Password Algorithm

This page contains a javascript implementation of the Time-based One-time Password Algorithm used by Google Authenticator and described in the TOTP RFC Draft.

Install Google Authenticator on your smartphone: iOS, Android, Blackberry. As the TOTP is an open standard you can use this app to create one-time passwords for your own application. You add an account plus secret by scanning a QR code (more info on the google code wiki). The javascript below implements the algorithm the smartphone app uses to generate the OTP - you would use this same algorithm server-side to verify an OTP.

Put it to the test by setting the base32 secret, scanning the QR code in Google Authenticate. You should see the same OTP on your smartphone and displayed at the bottom on the page.