Interzone
All FAQ articles
FAQ

TOTP Token Errors: Why a 2FA Code Fails

If a TOTP code fails, check the secret, spaces, account, and clock before resetting 2FA.

Open 2FA generator All FAQ articles

Common Causes

TOTP depends on two things: the secret key and time. An error appears when the Base32 token is incomplete, includes spaces, belongs to another account, or was replaced after 2FA was configured again.

Time is the other common issue. The code is short-lived, so a value copied near the end of an interval may expire before it is submitted. If the device clock drifts far from the server, even a fresh-looking code can fail.

How to Check the Token

Copy the secret without spaces, quotes, or line breaks. Confirm that it is the Base32 token or otpauth link, not the one-time code itself. If the secret came from a QR code, make sure that QR code belongs to the right service and account.

Then wait for a new code and submit it immediately. If you use an online authenticator, refresh the page or confirm that the countdown timer is working.

When to Reset 2FA

If the error repeats, disable the old setup and enable 2FA again on the target service. Save the new recovery codes and remove old secrets from documentation.

Avoid guessing or repeatedly submitting old values. Some services temporarily block sign-in attempts after multiple failures.

Need a code now?

Open the online 2FA generator and create the current TOTP/OTP code from a Base32 token.

Generate 2FA code online