Unlock vault
enter your passphrase
First time? Choose a passphrase you'll remember. We use it to derive a 256-bit
AES-GCM key (via PBKDF2-SHA-256, 250,000 iterations) that encrypts your TOTP secrets in
localStorage. We never send the passphrase or secrets to a server.
Your codes
click any code to copy · auto-refresh every second
Add account
paste an otpauth URL, or enter the secret manually
How this works. TOTP RFC 6238 · HMAC-SHA1 · 6 digits · 30-second window.
Same algorithm as the CH Authenticator iOS app and the backend
CHAuthenticator. Secrets stay encrypted in your browser; this page makes no
network calls after page load.