> ## Documentation Index
> Fetch the complete documentation index at: https://docs.zerokeyusb.com/llms.txt
> Use this file to discover all available pages before exploring further.

# 2FA Codes (TOTP)

> How to enter date/time the first time, view the 6-digit code with countdown and have it typed automatically to your computer.

ZeroKeyUSB can generate **TOTP codes (RFC 6238)** fully offline — the same ones you'd see in Google Authenticator, without a phone. This guide covers the usage flow. To add a TOTP secret to a credential, see [Importing credentials](/getting-started/importing-credentials).

<Note>
  **Before you start:** the credential must have a TOTP secret loaded (in the `2FA` field). If you see `2FA --` on screen, it doesn't have one. Load the secret from the web manager or over USB-CDC first.
</Note>

***

## Step 1 — Navigate to the 2FA field

From the credential's main screen, press **Down** until you reach the 2FA field. The icon switches from padlock (Pass) to key (2FA). If the credential has a secret loaded, you'll see `2FA (OK)`. Otherwise, `2FA --`.

<img src="https://mintcdn.com/depbit/p6YzZPVAl__6h8gW/images/steps/totp-codes-01-nav-2fa.svg?fit=max&auto=format&n=p6YzZPVAl__6h8gW&q=85&s=75b8812d476a94c1710d543ad9ca86f5" alt="2FA field selected" width="884" height="283" data-path="images/steps/totp-codes-01-nav-2fa.svg" />

*With the 2FA field selected (inverted key icon), press **Center** (short) to start calculating the code.*

***

## Step 2 — Enter the date (first time per session)

The ATECC608A has no RTC. It needs date and time **just once** per session (between power cycles). The device asks for the date first in `DD/MM/YY` format.

<img src="https://mintcdn.com/depbit/p6YzZPVAl__6h8gW/images/steps/totp-codes-02-date.svg?fit=max&auto=format&n=p6YzZPVAl__6h8gW&q=85&s=57e0ecb850860261e602792bdcdafa88" alt="Enter date" width="884" height="283" data-path="images/steps/totp-codes-02-date.svg" />

| Button         | Action                                            |
| -------------- | ------------------------------------------------- |
| **Up/Down**    | Increase/decrease the current digit (0–9)         |
| **Left/Right** | Move the cursor between digits (skipping the `/`) |
| **Center**     | Confirm the date and move to the time             |

*Set today's date and press **Center**.*

***

## Step 3 — Enter the time

Same flow, now in `HH:MM` (24h local time) format.

<img src="https://mintcdn.com/depbit/p6YzZPVAl__6h8gW/images/steps/totp-codes-03-time.svg?fit=max&auto=format&n=p6YzZPVAl__6h8gW&q=85&s=3ffe1aa2b23c365be3bc4c3c4e930bb7" alt="Enter time" width="884" height="283" data-path="images/steps/totp-codes-03-time.svg" />

*Same buttons as the date. When done, press **Center** to compute the code.*

<Tip>
  The time can be your exact local time — the device does not apply a timezone. If the service expects UTC and you live elsewhere, adjust manually.
</Tip>

***

## Step 4 — View the TOTP code

After entering date and time, the ATECC608A computes HMAC-SHA1 of secret + epoch/30 and shows the resulting 6 digits. The bottom bar empties as the 30-second window approaches its end.

<img src="https://mintcdn.com/depbit/p6YzZPVAl__6h8gW/images/steps/totp-codes-04-view-code.svg?fit=max&auto=format&n=p6YzZPVAl__6h8gW&q=85&s=abe84cd5d81c9d41b76f0d66ae07d251" alt="TOTP code on screen" width="884" height="283" data-path="images/steps/totp-codes-04-view-code.svg" />

*With your cursor on the 2FA input field of your app, short-press **Center**. The device types the 6 code digits to the host as if from a normal keyboard.*

<Note>
  If the countdown reaches 0 before you confirm, the code regenerates automatically — you don't have to re-enter the time.
</Note>

***

## Step 5 — Subsequent codes in the same session

While the device stays plugged in, you won't have to re-enter date and time. The next time you enter a 2FA field (in any credential), you jump straight to step 4 with a code computed using the current time.

<img src="https://mintcdn.com/depbit/p6YzZPVAl__6h8gW/images/steps/totp-codes-05-next-code.svg?fit=max&auto=format&n=p6YzZPVAl__6h8gW&q=85&s=6d69cce7266196e2cc2ec41c1c15c23f" alt="Next code in session" width="884" height="283" data-path="images/steps/totp-codes-05-next-code.svg" />

*Short-press **Center** to type the code to the host, or **Left** to return to the credential's main view without typing anything.*

***

## Quick reference

| Screen           | Useful buttons                                                    |
| ---------------- | ----------------------------------------------------------------- |
| `2FA (OK)` field | **Center** → enter TOTP flow                                      |
| `2FA --` field   | (no secret loaded, nothing to do)                                 |
| Enter date       | **Up/Down**: digit · **Left/Right**: cursor · **Center**: confirm |
| Enter time       | Same as date                                                      |
| View code        | **Center**: type to host · **Left**: exit                         |

***

## Next steps

<CardGroup cols={2}>
  <Card title="Import TOTP secrets" icon="cloud-arrow-up" href="/getting-started/importing-credentials">
    How to load the Base32 secret from your service into a credential.
  </Card>

  <Card title="Create your first credential" icon="key" href="/getting-started/first-credential">
    If you don't have credentials with TOTP yet, start by creating one.
  </Card>
</CardGroup>
