What Is 2FA And How TOTP Works
Two-factor authentication adds a second proof of identity on top of your password. One of the most common forms is TOTP, which creates short-lived 6-digit codes.
Why 2FA Exists
Passwords can be guessed, leaked, reused, or stolen through phishing. Two-factor authentication reduces that risk by requiring a second factor, usually something you have or something you can generate locally. Even if a password is exposed, an attacker may still fail to sign in without the second factor.
What TOTP Means
TOTP stands for Time-based One-Time Password. A server and your authenticator app share the same secret key. Both sides combine that key with the current time to generate a temporary code, usually rotating every 30 seconds.
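The computation described above, as an added example that is not code from the original page: it follows RFC 6238 with HMAC-SHA1, a 30-second step and 6 digits, and shows both the app side (`totp`) and the server side (`verify`). The Base32 encoding of the secret, the function names and the one-step clock-drift tolerance are assumptions of this example; the sample secret is the published RFC 6238 test key, not a real one.

```python
import base64
import hashlib
import hmac
import struct

# RFC 6238 test key ("12345678901234567890") in Base32, as setup keys are usually shown.
SAMPLE_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def decode_secret(b32_secret: str) -> bytes:
    """Decode a Base32 setup key, tolerating spaces, dashes, lowercase and missing padding."""
    cleaned = b32_secret.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)
    return base64.b32decode(cleaned)

def totp(key: bytes, unix_time: float, step: int = 30, digits: int = 6) -> str:
    """Return the code for the time step that contains unix_time."""
    counter = int(unix_time) // step                      # shared clock -> step number
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                               # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)        # keep leading zeros

def verify(key: bytes, submitted: str, unix_time: float,
           step: int = 30, drift_steps: int = 1):
    """Server-side check. Accepts the current step and +/- drift_steps.

    Returns the matched step counter (so the caller can refuse to accept the
    same step twice) or None if the code does not match.
    """
    matched = None
    for delta in range(-drift_steps, drift_steps + 1):
        t = unix_time + delta * step
        if t < 0:
            continue
        expected = totp(key, t, step).encode()
        # Constant-time comparison; no early exit, so timing does not reveal the step.
        if hmac.compare_digest(expected, submitted.encode()):
            matched = int(t) // step
    return matched

if __name__ == "__main__":
    import time
    key = decode_secret(SAMPLE_SECRET)
    now = time.time()
    code = totp(key, now)
    print("current code:", code, "valid step:", verify(key, code, now))
```

Storing the step counter returned by `verify` and rejecting any later submission for the same or an earlier step prevents a captured code from being replayed within its validity window.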
TOTP vs SMS
- TOTP codes can be generated offline once set up.
- SMS codes depend on phone numbers and mobile networks.
- SIM-swap and message interception risks make SMS weaker in some scenarios.
Why Local Generation Matters
A browser-based local generator can be useful when you need a quick way to test a TOTP secret without sending it to a remote server. That does not remove all risks, but it reduces exposure compared with tools that upload secrets for processing.
Basic Safety Tips
- Only store real 2FA secrets on trusted devices.
- Back up recovery codes when enabling 2FA.
- Do not rely on screenshots as your only backup method.
- Review each service’s recovery policy before switching phones.