Silicon Scripted
🔐 Core Features

TOTP / 2FA Codes

Silicon Secure stores TOTP secrets and shows live, auto-refreshing six-digit codes — so you don't need a separate authenticator app. Your 2FA codes live right alongside the passwords they protect.

What Is TOTP?

TOTP stands for Time-based One-Time Password. It's the technology behind most "authenticator app" two-factor authentication codes — the ones that refresh every 30 seconds. When you enable two-factor authentication (2FA) on a website, the site gives you a secret key (usually displayed as a QR code). An authenticator app stores that secret and uses it along with the current time to compute a six-digit code on a 30-second cycle.

Silicon Secure does this natively, so your TOTP codes are stored securely in your encrypted vault alongside the username and password for that account.

Adding a TOTP Secret to an Existing Entry

This is the most common workflow — you've already enabled 2FA on a site and you want to store the code in the same vault entry as the password.

  1. Open the entry and tap Edit

    Find the vault entry for the site in question, open it, and tap the Edit (pencil) button.

  2. Tap "Add TOTP"

    Scroll down in the edit form to find the Add TOTP option and tap it.

  3. Scan the QR code or enter the secret manually

    Most sites display a QR code when setting up an authenticator — tap Scan QR Code to use your camera. If you only have the text secret (a long string of letters and numbers), tap Enter Manually and paste or type it in.

  4. Tap Save

    The TOTP secret is now stored in the entry. A live six-digit code with a countdown timer will appear in the entry detail view.

⚠ī¸

Save your backup codes

When enabling 2FA on any site, always save the backup/recovery codes the site provides. If you ever lose access to your vault, backup codes are the only way to get back into the account.

Adding a Standalone TOTP Entry

If you want to store a TOTP code without attaching it to a password entry — for example, for an account that uses a separate login flow — you can create a standalone TOTP entry.

  1. Tap + to create a new entry

    From the vault, tap + and select TOTP Code as the entry type.

  2. Enter a title and the TOTP secret

    Give it a recognizable name and scan the QR code or enter the secret manually.

  3. Tap Save

    The TOTP entry appears in your vault list and shows a live code with a countdown.

Using a TOTP Code

Open the vault entry and the current six-digit code is displayed with a circular progress indicator showing how many seconds remain before it refreshes. Tap the code to copy it to your clipboard. The next code is computed automatically when the 30-second window expires — you never need to tap refresh.

When using iOS AutoFill, Silicon Secure can suggest the TOTP code directly on the keyboard so you can paste it into the verification field without switching apps.

How TOTP Works (Technical Detail)

TOTP codes are computed on-device using the HMAC-SHA1 algorithm defined in RFC 6238. Silicon Secure takes the stored secret key and the current Unix timestamp (divided by 30 to get the current time window), hashes them together, and extracts a 6-digit code from the result. Your device clock must be accurate — if codes are consistently rejected by a site, check that your device time is set to automatic in iOS Settings → General → Date & Time.

ℹī¸

TOTP secrets are encrypted at rest

The secret key used to generate codes is stored encrypted in your vault using AES-256-GCM, the same as all other vault data. It is never transmitted to any server.