No. The 6-digit TOTP changes every 30 seconds. Backup codes (8 digits) are static and single-use. Use backup codes only when you cannot access your authenticator.

First, understanding what this code is—and isn’t—is essential. When you enable two-factor authentication (2FA) on your Gmail account, Google offers several methods: SMS text messages, Google Prompt (tap “Yes” on a trusted device), or an authenticator app that generates a rotating six-digit code. The most common standard for these apps is TOTP (Time-based One-Time Password) , defined in RFC 6238.

A TOTP code is derived from a shared secret key (usually a 16–32 character base32 string) and the current Unix time, sliced into 30-second windows. The algorithm produces a six-digit number. This code changes every 30 seconds, and the server (Google) independently computes the same code based on the shared secret and the same time window. If your entered code matches, access is granted.

If you cannot generate a transfer QR code, or you are switching between app types (e.g., Google Auth to Authy), you need the original secret key.

While portability is convenient, it expands your attack surface. Follow these rules:

Thêm vào giỏ hàng thành công
popup

Số lượng:

Tổng tiền: