RFC 6238 · TOTP
LiveAuthenticator
A real, live Time-based One-Time Password generator - the exact 2FA
algorithm behind Google Authenticator, Authy, and most app-based logins. The C# original is powered by the
OnlyCSharp/1.8 BCL-only crypto library (OcTotp / OcHotp /
OcOtpAuthUri); this page recomputes the same demo below in your browser, so the code you see
is genuinely ticking against your clock.
Live code - demo secret
30
••• •••
refreshes every 30 s · SHA-1 · 6 digits ·
Demo secret only - the string "MySuperSecretKey123!" is hard-coded so the
output is reproducible. A real TOTP secret must be securely random (20+ bytes), confidential, and
provisioned once per account.
Provisioning descriptor
otpauth:// URI a QR code would encode:
otpauth://totp/KullGames%20LiveAuthenticator%20Demo:demo%40kullgames.com?secret=JV4VG5LQMVZFGZLDOJSXIS3FPEYTEMZB&issuer=KullGames%20LiveAuthenticator%20Demo&algorithm=SHA1&digits=6&period=30
Real captured run - the C# console app
KullGames.LiveAuthenticator -- live TOTP (RFC 6238) demo ========================================================= Powered by OnlyCSharp/1.8 Cybersecurity.Cryptography.OneTimePassword (OcTotp / OcHotp / OcOtpAuthUri). Demo shared secret (NOT a real credential): "MySuperSecretKey123!" Live codes (one sample every 3s, 6 samples, ~18s total): [1/6] t=1783967668 Code: 176001 (refreshes in 2s) [2/6] t=1783967671 Code: 368925 (refreshes in 29s) ← 30s boundary: rolled over [3/6] t=1783967674 Code: 368925 (refreshes in 26s) [4/6] t=1783967677 Code: 368925 (refreshes in 23s) [5/6] t=1783967680 Code: 368925 (refreshes in 20s) [6/6] t=1783967683 Code: 368925 (refreshes in 17s) Verify(code="368925", t=1783967683) -> True (matchedOffset=0) ROUND-TRIP PASSED: the live-generated code verifies successfully.