TOTP & Backup Code Brute Force
Brute forces 6-digit TOTP codes (1 million possible codes) and 8-digit backup codes (2.82 trillion possible codes), including on the Password Reset page.
Smart Search Patterns
If you remember parts of your backup codes, you can use regex templates to find them much faster.
Automatic Recovery
The script handles rate limits automatically, waits for you to complete the hCaptcha, and saves your login token upon success.
Simple Configuration
Quickly set up your account details and adjust the program to your liking using easy-to-edit configuration files.
Privacy & Statistics
Blocks analytics URLs like Cloudflare, Discord Science, and Sentry.io. Automatically prints useful session stats when finished.
Multi-Platform
Works out of the box on Windows, Linux, and macOS with no extra steps required.
In December 2021, Derpitron, the original creator, lost access to their passwords and OTP list due to a file syncing issue. They were able to recover most of their credentials, except for a secondary Discord account. When they contacted Discord Support, they were informed that, due to strict security policies, 2FA could not be disabled for that account. As a proof-of-concept, this script was developed to brute-force the Discord login’s TOTP field by systematically entering randomly generated 6-digit numbers.
Brought to you by the amazing open-source community.
Copyright (C) Derpitron 2026
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program. If not, see https://www.gnu.org/licenses/.
TL;DR: I am not responsible for anything you do with this script, and I do not condone (but cannot prevent) the usage of this script to hack into accounts which you do not properly own. The onus is on you to not be evil. Read the License for full information on your rights and responsibilities which pertain to this program.