
totp-generator
The totp-generator npm package is used to generate Time-based One-Time Passwords (TOTP). This is commonly used for two-factor authentication (2FA) to enhance security by providing a second layer of authentication.
Generate TOTP
This feature allows you to generate a TOTP using a shared secret. The generated token is time-based and changes every 30 seconds by default.
const totp = require('totp-generator');
const secret = 'JBSWY3DPEHPK3PXP';
const token = totp(secret);
console.log(token);
Custom Time Step
This feature allows you to customize the time step for the TOTP generation. In this example, the token changes every 60 seconds instead of the default 30 seconds.
const totp = require('totp-generator');
const secret = 'JBSWY3DPEHPK3PXP';
const token = totp(secret, { period: 60 }); // the step-length option is `period`, in seconds
console.log(token);
Custom Digits
This feature allows you to customize the number of digits in the generated TOTP. In this example, the token has 8 digits instead of the default 6 digits.
const totp = require('totp-generator');
const secret = 'JBSWY3DPEHPK3PXP';
const token = totp(secret, { digits: 8 });
console.log(token);
otplib is a comprehensive library for generating and validating both TOTP and HOTP (HMAC-based One-Time Passwords). It offers more configuration options and supports both TOTP and HOTP, making it more versatile compared to totp-generator.
speakeasy is another popular library for generating and verifying TOTP and HOTP. It provides a wide range of features including QR code generation for easy setup with authenticator apps. It is more feature-rich compared to totp-generator.
notp is a minimalistic library for generating and verifying TOTP and HOTP. It is lightweight and easy to use, but it lacks some of the advanced features found in otplib and speakeasy. It is simpler but less versatile compared to totp-generator.
totp-generator lets you generate TOTP tokens from a TOTP key
import { TOTP } from "totp-generator"
// Keys provided must be base32 strings, i.e. only containing characters matching (A-Z, 2-7, =).
const { otp, expires } = TOTP.generate("JBSWY3DPEHPK3PXP")
console.log(otp) // prints a 6-digit time-based token based on provided key and current time
Settings can be provided as an optional second parameter:
import { TOTP } from "totp-generator"
// Each result is destructured under its own name so the calls can run together in one file.
const { otp: otpDigits } = TOTP.generate("JBSWY3DPEHPK3PXP", { digits: 8 })
console.log(otpDigits) // prints an 8-digit token
const { otp: otpSha512 } = TOTP.generate("JBSWY3DPEHPK3PXP", { algorithm: "SHA-512" })
console.log(otpSha512) // prints a token created using a different algorithm
const { otp: otpPeriod } = TOTP.generate("JBSWY3DPEHPK3PXP", { period: 60 })
console.log(otpPeriod) // prints a token using a 60-second epoch interval
const { otp: otpAtTime } = TOTP.generate("JBSWY3DPEHPK3PXP", { timestamp: 1465324707000 })
console.log(otpAtTime) // prints a token for given time
const { otp: otpAll } = TOTP.generate("JBSWY3DPEHPK3PXP", {
  digits: 8,
  algorithm: "SHA-512",
  period: 60,
  timestamp: 1465324707000,
})
console.log(otpAll) // prints a token using all custom settings combined
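What the digits, period and timestamp settings above control, as an added example that is not part of totp-generator or of this page: RFC 6238 generation on Node's built-in crypto, plus the server-side check (drift window, constant-time comparison) that the generation snippets do not cover. The names `base32Decode`, `totp`, `verify` and the `window` option are assumptions of this example, and `algorithm` takes Node hash names such as "sha1".

```javascript
const crypto = require("node:crypto");

// Decode an RFC 4648 base32 key (A-Z, 2-7, optional "=" padding) into bytes.
function base32Decode(key) {
  const alphabet = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
  let bits = 0, value = 0;
  const out = [];
  for (const ch of key.toUpperCase().replace(/=+$/, "")) {
    const idx = alphabet.indexOf(ch);
    if (idx < 0) throw new Error("invalid base32 character in key");
    value = ((value << 5) | idx) & 0xfff; // keep only the bits still pending
    bits += 5;
    if (bits >= 8) { bits -= 8; out.push((value >>> bits) & 0xff); }
  }
  return Buffer.from(out);
}

// RFC 6238: HOTP (RFC 4226) over counter = floor(unix seconds / period).
function totp(key, { digits = 6, algorithm = "sha1", period = 30, timestamp = Date.now() } = {}) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(Math.floor(timestamp / 1000 / period)));
  const mac = crypto.createHmac(algorithm, base32Decode(key)).update(counter).digest();
  const offset = mac[mac.length - 1] & 0x0f; // dynamic truncation
  const code = (mac.readUInt32BE(offset) & 0x7fffffff) % 10 ** digits;
  return String(code).padStart(digits, "0");
}

// Server side: accept `window` steps either side of now to absorb clock drift,
// and compare in constant time so timing does not reveal how many digits matched.
function verify(key, submitted, { window = 1, period = 30, timestamp = Date.now(), ...opts } = {}) {
  let ok = false;
  for (let i = -window; i <= window; i++) {
    const expected = Buffer.from(totp(key, { ...opts, period, timestamp: timestamp + i * period * 1000 }));
    const given = Buffer.from(String(submitted));
    if (given.length === expected.length && crypto.timingSafeEqual(given, expected)) ok = true;
  }
  return ok;
}

// Constructed check: the RFC 6238 Appendix B key "12345678901234567890", base32-encoded.
const rfcKey = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ";
console.log(totp(rfcKey, { digits: 8, timestamp: 59000 }));
console.log(verify(rfcKey, "94287082", { digits: 8, timestamp: 89000 })); // one step late, inside the window
```

A production verifier should also record the last accepted time step per account and reject a second use of the same step.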
FAQs
Generate TOTP tokens from key
The npm package totp-generator receives a total of 213,613 weekly downloads. As such, totp-generator's popularity was classified as popular.
We found that totp-generator demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.