How to find your authenticator secret key

When you enable 2FA on a login form and want Beagle Security to test through it, you need to provide the TOTP secret key. This is the same key your authenticator app uses to generate time-based one-time passwords.

The steps below show you how to retrieve it from Google Authenticator and Microsoft Authenticator.

Google authenticator set-up:

1. Download the Google Authenticator app on your mobile device.
2. Go to the app or service you want to test and open its security settings. Look for two-factor authentication or two-step verification, then select the option to set up an authenticator app.
3. You will be shown a QR code on screen. Look for a link that says "Can't scan the QR code?", "Enter key manually", or "Manual setup" and click it.
4. The page will display a plain text secret key, usually a string of letters and numbers grouped in blocks (for example: JBSWY3DPEHPK3PXP).
5. Copy that key exactly as shown, without spaces.
6. Paste it into the "Authenticator Secret Key" field in Beagle Security's 2FA configuration panel and save.

Microsoft authenticator set-up:

1. Download the Microsoft Authenticator app on your mobile device from the App Store or Google Play. 
2. Go to the app or service you want to test and open its security settings. Look for two-factor authentication or two-step verification, then select the option to set up an authenticator app.
3. You will be shown a QR code on screen. Look for a link that says "Can't scan the image?", "Enter code manually", or similar and click it.
4. The page will display a plain text secret key. Copy this key exactly as shown, without spaces or extra characters.
5. In Beagle Security, open the authenticated testing configuration for your target application. Toggle on "My login form is 2FA enabled", expand the 2FA Enabled section, paste the key into the Authenticator Secret Key field, and click Save.

Updated on: 13/05/2026