🔑JWT & Auth

TOTP (2FA) Setup

The Base32 secret used to set up 2-factor authentication.

Explanation

TOTP (Time-based One-Time Password) apps like Google Authenticator combine a shared secret with the current time to generate 6-digit codes.

Examples

Base32 Secret
Output
JBSWY3DPEB3W64TMMQQQ

Code Examples

OTP Auth URI
otpauth://totp/Vaima:user@example.com?secret=JBSWY3DPEB3W64TM&issuer=Vaima
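
The setup flow above, as an added example that is not part of the original page: it generates a Base32 secret, builds the otpauth:// URI, and checks a submitted code per RFC 6238. The function names, the 30-second step, the one-step drift window and the replay check are assumptions of this example.

```python
import base64, hashlib, hmac, secrets, struct, time
from urllib.parse import quote, urlencode

# Added example: all function names and defaults are assumptions, not the page's.

def new_secret(nbytes=20):
    """Random Base32 secret; 20 bytes encode to 32 characters, no padding."""
    return base64.b32encode(secrets.token_bytes(nbytes)).decode().rstrip("=")

def provisioning_uri(secret, account, issuer):
    """Build the otpauth:// URI that the enrolment QR code encodes."""
    label = quote(f"{issuer}:{account}", safe=":@")
    query = urlencode({"secret": secret, "issuer": issuer}, quote_via=quote)
    return f"otpauth://totp/{label}?{query}"

def totp(secret, at=None, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1) for Unix time `at` (default: now)."""
    s = secret.replace(" ", "").upper()
    key = base64.b32decode(s + "=" * (-len(s) % 8))  # restore stripped padding
    counter = int(time.time() if at is None else at) // step
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def verify(secret, code, at=None, last_counter=-1, window=1, step=30):
    """Return the matched time-step counter, or None.

    Steps at or before last_counter are refused, so a code that was already
    accepted cannot be replayed; store the returned counter per user.
    """
    now = int(time.time() if at is None else at)
    for drift in range(-window, window + 1):
        counter = now // step + drift
        if counter <= last_counter:
            continue
        expected = totp(secret, counter * step, step)
        if hmac.compare_digest(expected.encode(), code.encode()):
            return counter
    return None

if __name__ == "__main__":
    secret = new_secret()
    print(provisioning_uri(secret, "user@example.com", "Vaima"))
    print(verify(secret, totp(secret)) is not None)
```

Persist the counter returned by `verify` alongside the user record and pass it back as `last_counter` on the next login.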

💡 Tips

  • Secrets are typically 16-32 characters of Base32
  • Provide a backup code list for users who lose their device
  • The QR code is just an "otpauth://" URI

⚠️ Common Pitfalls

  • Storing TOTP secrets in plain text makes 2FA useless if the DB is leaked, because anyone holding a secret can generate valid codes