Last updated: June 2026 · Effective immediately
API2FA is a free, browser-based tool that generates Time-based One-Time Passwords (TOTP) — commonly used for two-factor authentication (2FA). You provide a secret key, and we display the current 6-digit code that rotates every 30 seconds, identical to what authenticator apps like Google Authenticator or Authy produce.
By accessing or using API2FA at api2fa.com, you agree to be bound by these Terms of Service. If you do not agree with any part of these terms, please discontinue use of the service immediately.
You may use API2FA for lawful purposes only. You agree not to:
We reserve the right to block access to the service at our discretion for violations of these terms.
You are solely responsible for the 2FA secret keys you enter into API2FA. Secret keys grant access to accounts — treat them like passwords. Do not share your secret keys with anyone you do not trust.
API2FA is a tool, not a security service. We do not verify the legitimacy of the accounts associated with any keys you use.
API2FA is provided "as is" without warranties of any kind. We do not guarantee that the service will be uninterrupted, error-free, or perfectly accurate at all times. TOTP codes are time-sensitive and depend on your device clock being synchronized.
To the fullest extent permitted by law, API2FA and its operators shall not be liable for any direct, indirect, incidental, or consequential damages arising from your use of the service, including but not limited to account lockouts, unauthorized access, or data loss.
We may update these Terms of Service at any time. Continued use of the service after changes constitutes your acceptance of the new terms. We recommend checking this page periodically.
For questions about these terms, contact us via Telegram: t.me/api2fa