Secret2OTP
Secret2OTP

Privacy Policy

Our commitment to protecting your privacy and data

No Data Storage

Secret2OTP operates entirely in your browser. All secret keys and TOTP codes generated exist only in your device's memory. We do not store, transmit, or collect any information from you whatsoever.

Client-Side Encryption

All data stored locally in your browser's LocalStorage is encrypted. No backend server is involved in the processing. Your data remains under your complete control at all times.

Transparent Source Code

The application is built entirely with JavaScript/TypeScript and can be inspected directly in your browser. You can review the entire source code to ensure there is no suspicious behavior.

Maximum Security

We use the standard RFC 6238 TOTP algorithm to generate authentication codes. All calculations are performed offline, requiring no internet connection after the initial page load. Secret keys never leave your device.

Security Recommendations

  • Always use HTTPS when accessing the application
  • Never share your secret keys with anyone
  • Clear browser cache when using on public computers
  • Back up secret keys in a safe place before clearing browser data