npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

gen-totp

v2.0.7

Published

A time-based One-time Password generator that uses current time as a source of uniqueness, following RFC 6238.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

miladezzatmiladezzat

Keywords

otpgenerate-otptotpmobile-verification

Readme

Generate TOTP

npm version npm downloads

Time-based One-Time Password (TOTP) is an algorithm that generates a one-time password based on the current time. TOTP is an extension of the HMAC-based One-Time Password (HOTP) algorithm and is standardized in RFC 6238. For more details, see Wikipedia.

Table of Contents

Installation

You can install gen-totp via npm or yarn:

npm install gen-totp
# or
yarn add gen-totp

Usage

Basic Usage

import genTOTP from 'gen-totp';

const otp = genTOTP('test-key');
// Returns a 6-digit OTP by default
console.log(otp);

Customizing OTP Length

import genTOTP from 'gen-totp';

const otp = genTOTP('test-key', { digits: 4 });
// Returns a 4-digit OTP
console.log(otp);

Options

The genTOTP function accepts two parameters:

  1. key: A string containing the base32-encoded secret key. It can include numbers, uppercase letters, _, and -.
  2. options: An optional object to customize the OTP generation. The available options are detailed in the table below:

| Option | Type | Default | Description | |------------|--------|---------|--------------------------------------------------------------------------------------------------| | digits | number | 6 | The number of digits in the generated OTP. | | period | number | 30 | The time period (in seconds) after which a new OTP is generated. | | algorithm | string | 'SHA-1' | The hashing algorithm used to generate the OTP. Supported algorithms include: | | | | | - SHA-1 | | | | | - SHA-224 | | | | | - SHA-256 | | | | | - SHA-384 | | | | | - SHA-512 | | | | | - SHA3-224 | | | | | - SHA3-256 | | | | | - SHA3-384 | | | | | - SHA3-512 | | | | | For more details, refer to the JsSHA documentation. |

Key Format and Encoding

When providing a key to the genTOTP function, you can use different encodings specified by the encoding option:

  1. UTF-8 Encoding (default):

    • Any valid UTF-8 string can be used as the key
    • Supports alphabetic characters (A-Z, a-z), numeric characters (0-9), special characters, and Unicode characters including emoji

  2. Hex Encoding :

    • The key should be a valid hexadecimal string
    • Only characters 0-9 and a-f (case insensitive) are allowed

  3. Base32 Encoding :

    • The key should be a valid base32 string according to RFC 4648
    • Only uppercase letters A-Z and digits 2-7 are allowed
    • Padding with '=' is optional Example of valid keys:
  • UTF-8: mySecureKey123! , secretKey你好 , emojiKey😊🔑
  • Hex: deadbeef1234 , 01a2b3c4d5e6f7
  • Base32: JBSWY3DPEHPK3PXP , GEZDGNBVGY3TQOJQ

Documentation

For more detailed documentation, visit the Official Documentation .

Contributing

Contributions are welcome! If you have any bug reports, suggestions, or feature requests, please open an issue on GitHub.

To contribute:

  1. Fork the repository
  2. Create a new feature branch ( git checkout -b feature/new-feature )
  3. Commit your changes ( git commit -m 'Add new feature' )
  4. Push to the branch ( git push origin feature/new-feature )
  5. Create a new Pull Request Make sure to follow the Contributor Covenant Code of Conduct when participating in the project.