Awesome Open Source
Awesome Open Source

Last version Build Status Dependencies status Dev dependencies status NPM downloads


One Time Password (HOTP/TOTP) library for Node.js, Deno and browsers.



import * as OTPAuth from 'otpauth';

// Create a new TOTP object.
let totp = new OTPAuth.TOTP({
	issuer: 'ACME',
	label: 'AzureDiamond',
	algorithm: 'SHA1',
	digits: 6,
	period: 30,
	secret: 'NB2W45DFOIZA' // or "OTPAuth.Secret.fromBase32('NB2W45DFOIZA')"

// Generate a token.
let token = totp.generate();

// Validate a token.
let delta = totp.validate({
	token: token,
	window: 1

// Convert to Google Authenticator key URI.
// otpauth://totp/ACME:AzureDiamond?issuer=ACME&secret=NB2W45DFOIZA&algorithm=SHA1&digits=6&period=30
let uri = totp.toString(); // or "OTPAuth.URI.stringify(totp)"

// Convert from Google Authenticator key URI.
let parsedTotp = OTPAuth.URI.parse(uri);


// @deno-types=""
import * as OTPAuth from ''

// Same as above...


<script src=""></script>
	// Same as above...


See the documentation page.

Supported hashing algorithms

In Node.js, the same algorithms as Crypto.createHmac function are supported, since it is used internally. In Deno and browsers, the SHA1, SHA224, SHA256, SHA384, SHA512, SHA3-224, SHA3-256, SHA3-384 and SHA3-512 algorithms are supported by using the jsSHA library.


MIT License © Héctor Molinero Fernández.

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
javascript (69,803
nodejs (3,752
security (1,875
node (986
browser (455
node-js (168
deno (127
auth (96
otp (66
totp (46
two-factor-authentication (40
authenticator (22
hotp (22
two-factor (18