About 2FA Live

Free, privacy-first two-factor authentication

2FA Live was created with a simple mission: to provide a free, secure, and transparent way for anyone to generate Time-based One-Time Passwords (TOTP) without trusting a third party with their secret keys. Every computation happens in your browser — your secrets never leave your device.

Why 2FA Live?

Most authenticator apps require you to trust a company with your secret keys, whether through cloud syncing, account registration, or opaque code. 2FA Live takes a radically different approach:

100% Client-Side

All cryptographic operations run in your browser using the Web Crypto API

Privacy-First Analytics

No fingerprinting — Google Analytics may use cookies for anonymized, aggregated usage analytics only

Transparent

Fully transparent client-side code — verify our privacy claims yourself

Works Offline

Install as a PWA and generate codes without an internet connection

Technology Stack

2FA Live is built with a zero-dependency architecture, emphasizing simplicity, performance, and security:

HTML5 CSS3 Vanilla JS Web Crypto API PWA Service Worker

How It Works

2FA Live implements the TOTP algorithm as defined in RFC 6238:

You enter your Base32-encoded secret key
The key is decoded and used with the current timestamp to generate an HMAC-SHA1 hash via the Web Crypto API
A 6-digit code is extracted from the hash using dynamic truncation
The code refreshes every 30 seconds, synchronized with your device clock
Once you close the page, the key is permanently discarded from memory

Provider

2FA Live is developed and maintained by Narrapedia. We are committed to providing free, privacy-focused tools for everyone.

Ready to generate your 2FA codes?

Launch 2FA Live Generator