[{"data":1,"prerenderedAt":310},["ShallowReactive",2],{"term-t\u002Ftotp":3,"related-t\u002Ftotp":295},{"id":4,"title":5,"acronym":5,"body":6,"category":276,"description":277,"difficulty":278,"extension":279,"letter":280,"meta":281,"navigation":81,"path":282,"related":283,"seo":288,"sitemap":289,"stem":292,"subcategory":293,"__hash__":294},"terms\u002Fterms\u002Ft\u002Ftotp.md","TOTP",{"type":7,"value":8,"toc":270},"minimark",[9,14,18,22,25,29,259,263,266],[10,11,13],"h2",{"id":12},"eli5-the-vibe-check","ELI5 — The Vibe Check",[15,16,17],"p",{},"TOTP (Time-based One-Time Password) is the 6-digit code that changes every 30 seconds in apps like Google Authenticator. It uses a shared secret and the current time to generate a code. Even if someone sees your code, it expires in 30 seconds and a new one takes its place.",[10,19,21],{"id":20},"real-talk","Real Talk",[15,23,24],{},"TOTP (Time-based One-Time Password) is an algorithm (RFC 6238) that generates short-lived passwords from a shared secret and the current timestamp. Both the server and the authenticator app independently compute the same code. It's a common second factor in MFA implementations.",[10,26,28],{"id":27},"show-me-the-code","Show Me The Code",[30,31,36],"pre",{"className":32,"code":33,"language":34,"meta":35,"style":35},"language-javascript shiki shiki-themes material-theme-lighter material-theme material-theme-palenight","\u002F\u002F Generating a TOTP secret with speakeasy\nimport speakeasy from 'speakeasy';\n\n\u002F\u002F On setup:\nconst secret = speakeasy.generateSecret({ length: 20 });\n\u002F\u002F Store secret.base32 for the user\n\u002F\u002F Show secret.otpauth_url as QR code\n\n\u002F\u002F On verification:\nconst verified = speakeasy.totp.verify({\n  secret: user.totpSecret,\n  encoding: 'base32',\n  token: userProvidedCode,\n  window: 1,\n});\n","javascript","",[37,38,39,48,76,83,89,137,143,149,154,160,187,206,223,236,249],"code",{"__ignoreMap":35},[40,41,44],"span",{"class":42,"line":43},"line",1,[40,45,47],{"class":46},"sHwdD","\u002F\u002F Generating a TOTP secret with speakeasy\n",[40,49,51,55,59,62,66,70,73],{"class":42,"line":50},2,[40,52,54],{"class":53},"s7zQu","import",[40,56,58],{"class":57},"sTEyZ"," speakeasy ",[40,60,61],{"class":53},"from",[40,63,65],{"class":64},"sMK4o"," '",[40,67,69],{"class":68},"sfazB","speakeasy",[40,71,72],{"class":64},"'",[40,74,75],{"class":64},";\n",[40,77,79],{"class":42,"line":78},3,[40,80,82],{"emptyLinePlaceholder":81},true,"\n",[40,84,86],{"class":42,"line":85},4,[40,87,88],{"class":46},"\u002F\u002F On setup:\n",[40,90,92,96,99,102,105,108,112,115,118,122,125,129,132,135],{"class":42,"line":91},5,[40,93,95],{"class":94},"spNyl","const",[40,97,98],{"class":57}," secret ",[40,100,101],{"class":64},"=",[40,103,104],{"class":57}," speakeasy",[40,106,107],{"class":64},".",[40,109,111],{"class":110},"s2Zo4","generateSecret",[40,113,114],{"class":57},"(",[40,116,117],{"class":64},"{",[40,119,121],{"class":120},"swJcz"," length",[40,123,124],{"class":64},":",[40,126,128],{"class":127},"sbssI"," 20",[40,130,131],{"class":64}," }",[40,133,134],{"class":57},")",[40,136,75],{"class":64},[40,138,140],{"class":42,"line":139},6,[40,141,142],{"class":46},"\u002F\u002F Store secret.base32 for the user\n",[40,144,146],{"class":42,"line":145},7,[40,147,148],{"class":46},"\u002F\u002F Show secret.otpauth_url as QR code\n",[40,150,152],{"class":42,"line":151},8,[40,153,82],{"emptyLinePlaceholder":81},[40,155,157],{"class":42,"line":156},9,[40,158,159],{"class":46},"\u002F\u002F On verification:\n",[40,161,163,165,168,170,172,174,177,179,182,184],{"class":42,"line":162},10,[40,164,95],{"class":94},[40,166,167],{"class":57}," verified ",[40,169,101],{"class":64},[40,171,104],{"class":57},[40,173,107],{"class":64},[40,175,176],{"class":57},"totp",[40,178,107],{"class":64},[40,180,181],{"class":110},"verify",[40,183,114],{"class":57},[40,185,186],{"class":64},"{\n",[40,188,190,193,195,198,200,203],{"class":42,"line":189},11,[40,191,192],{"class":120},"  secret",[40,194,124],{"class":64},[40,196,197],{"class":57}," user",[40,199,107],{"class":64},[40,201,202],{"class":57},"totpSecret",[40,204,205],{"class":64},",\n",[40,207,209,212,214,216,219,221],{"class":42,"line":208},12,[40,210,211],{"class":120},"  encoding",[40,213,124],{"class":64},[40,215,65],{"class":64},[40,217,218],{"class":68},"base32",[40,220,72],{"class":64},[40,222,205],{"class":64},[40,224,226,229,231,234],{"class":42,"line":225},13,[40,227,228],{"class":120},"  token",[40,230,124],{"class":64},[40,232,233],{"class":57}," userProvidedCode",[40,235,205],{"class":64},[40,237,239,242,244,247],{"class":42,"line":238},14,[40,240,241],{"class":120},"  window",[40,243,124],{"class":64},[40,245,246],{"class":127}," 1",[40,248,205],{"class":64},[40,250,252,255,257],{"class":42,"line":251},15,[40,253,254],{"class":64},"}",[40,256,134],{"class":57},[40,258,75],{"class":64},[10,260,262],{"id":261},"when-youll-hear-this","When You'll Hear This",[15,264,265],{},"\"Scan the QR code in your TOTP app.\" \u002F \"The TOTP code is only valid for 30 seconds.\"",[267,268,269],"style",{},"html pre.shiki code .sHwdD, html code.shiki .sHwdD{--shiki-light:#90A4AE;--shiki-light-font-style:italic;--shiki-default:#546E7A;--shiki-default-font-style:italic;--shiki-dark:#676E95;--shiki-dark-font-style:italic}html pre.shiki code .s7zQu, html code.shiki .s7zQu{--shiki-light:#39ADB5;--shiki-light-font-style:italic;--shiki-default:#89DDFF;--shiki-default-font-style:italic;--shiki-dark:#89DDFF;--shiki-dark-font-style:italic}html pre.shiki code .sTEyZ, html code.shiki .sTEyZ{--shiki-light:#90A4AE;--shiki-default:#EEFFFF;--shiki-dark:#BABED8}html pre.shiki code .sMK4o, html code.shiki .sMK4o{--shiki-light:#39ADB5;--shiki-default:#89DDFF;--shiki-dark:#89DDFF}html pre.shiki code .sfazB, html code.shiki .sfazB{--shiki-light:#91B859;--shiki-default:#C3E88D;--shiki-dark:#C3E88D}html pre.shiki code .spNyl, html code.shiki .spNyl{--shiki-light:#9C3EDA;--shiki-default:#C792EA;--shiki-dark:#C792EA}html pre.shiki code .s2Zo4, html code.shiki .s2Zo4{--shiki-light:#6182B8;--shiki-default:#82AAFF;--shiki-dark:#82AAFF}html pre.shiki code .swJcz, html code.shiki .swJcz{--shiki-light:#E53935;--shiki-default:#F07178;--shiki-dark:#F07178}html pre.shiki code .sbssI, html code.shiki .sbssI{--shiki-light:#F76D47;--shiki-default:#F78C6C;--shiki-dark:#F78C6C}html .light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html.light .shiki span {color: var(--shiki-light);background: var(--shiki-light-bg);font-style: var(--shiki-light-font-style);font-weight: var(--shiki-light-font-weight);text-decoration: var(--shiki-light-text-decoration);}html .default .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .shiki span {color: var(--shiki-default);background: var(--shiki-default-bg);font-style: var(--shiki-default-font-style);font-weight: var(--shiki-default-font-weight);text-decoration: var(--shiki-default-text-decoration);}html .dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}html.dark .shiki span {color: var(--shiki-dark);background: var(--shiki-dark-bg);font-style: var(--shiki-dark-font-style);font-weight: var(--shiki-dark-font-weight);text-decoration: var(--shiki-dark-text-decoration);}",{"title":35,"searchDepth":50,"depth":50,"links":271},[272,273,274,275],{"id":12,"depth":50,"text":13},{"id":20,"depth":50,"text":21},{"id":27,"depth":50,"text":28},{"id":261,"depth":50,"text":262},"security","TOTP (Time-based One-Time Password) is the 6-digit code that changes every 30 seconds in apps like Google Authenticator.","intermediate","md","t",{},"\u002Fterms\u002Ft\u002Ftotp",[284,285,286,287],"2FA","MFA","Authentication","Biometric",{"title":5,"description":277},{"changefreq":290,"priority":291},"weekly",0.7,"terms\u002Ft\u002Ftotp",null,"TF7Nkth3h0PkQlu0TqkwfQUTbhtb-4C0qJgnV4qcWlE",[296,300,304,307],{"title":284,"path":297,"acronym":284,"category":276,"difficulty":298,"description":299},"\u002Fterms\u002F2\u002F2fa","beginner","2FA is short for Two-Factor Authentication. Two locks instead of one. Password plus a code from your phone (or a hardware key).",{"title":286,"path":301,"acronym":302,"category":276,"difficulty":298,"description":303},"\u002Fterms\u002Fa\u002Fauthentication","AuthN","Authentication is proving you are who you say you are.",{"title":287,"path":305,"acronym":293,"category":276,"difficulty":298,"description":306},"\u002Fterms\u002Fb\u002Fbiometric","Biometric authentication uses your body as your password — fingerprint, face, iris scan.",{"title":285,"path":308,"acronym":285,"category":276,"difficulty":298,"description":309},"\u002Fterms\u002Fm\u002Fmfa","MFA stands for Multi-Factor Authentication. It's the umbrella term for requiring multiple proofs of identity. 2FA is MFA with exactly two factors.",1776518317256]