iainrough
Posted on May 11, 2021
How not to do this.
An online service such as https://webqr.com/ or https://www.qrstuff.com/scan is fine for normal QR codes, but it should never be used for TOTP QR codes: the QR code carries the shared secret, and uploading the image hands that secret to a third party.
What's inside the QR code
A TOTP QR code contains the following details (all values are placeholders).
Hex secret: 3132333435363738393031323334353637383930
Base32 secret: GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ
Digits: 8
Window size: 0
TOTP mode: SHA1
Step size (seconds): 30
Start time: 1970-01-01 00:00:00 UTC (0)
Time now: 2033-05-18 03:33:20 UTC (2000000000)
Counter: 0x3F940AA (66666666)
For more information visit oathtool
Decode QR code locally
Install
Mac
brew install zbar
Windows (WSL), Linux
sudo apt-get install zbar-tools
Example
/mnt/c/Users/rough$ zbarimg /mnt/c/tmp/a.png
otpauth://totp/hub.docker.com:{username}?algorithm=SHA1&digits=6&issuer=hub.docker.com&period=30&secret={Key}
You can now store the otpauth URI in your favorite password manager, or add the {Key} so that your password manager can generate the TOTP code.
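The decoded URI can also be checked locally before it goes into a password manager. The following is an added example, not part of the original post: it parses an otpauth://totp URI and computes the RFC 6238 code using only the Python standard library. The username alice and the function names are made up, the secret is the placeholder from the oathtool listing above, and the defaults for missing parameters (SHA1, 6 digits, 30 seconds) are assumed from the common Key URI convention.

```python
import base64, hmac, struct, time
from urllib.parse import urlparse, parse_qs, unquote

# Constructed sample: the URI shape zbarimg printed above, with a made-up
# username and the placeholder Base32 secret from the oathtool listing.
SAMPLE_URI = ("otpauth://totp/hub.docker.com:alice?algorithm=SHA1&digits=6"
              "&issuer=hub.docker.com&period=30"
              "&secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ")

def parse_otpauth(uri):
    """Split an otpauth://totp URI into the fields a password manager asks for."""
    u = urlparse(uri)
    if u.scheme != "otpauth" or u.netloc != "totp":
        raise ValueError("not an otpauth://totp URI")
    q = {k: v[0] for k, v in parse_qs(u.query).items()}
    algorithm = q.get("algorithm", "SHA1").upper()   # assumed default: SHA1
    if "secret" not in q or algorithm not in ("SHA1", "SHA256", "SHA512"):
        raise ValueError("missing secret or unsupported algorithm")
    return {"label": unquote(u.path.lstrip("/")), "issuer": q.get("issuer", ""),
            "secret": q["secret"], "algorithm": algorithm,
            "digits": int(q.get("digits", "6")), "period": int(q.get("period", "30"))}

def totp(fields, now):
    """Compute the RFC 6238 code for Unix time `now`."""
    b32 = fields["secret"].replace(" ", "").upper()
    key = base64.b32decode(b32 + "=" * (-len(b32) % 8))   # restore stripped padding
    counter = struct.pack(">Q", int(now) // fields["period"])
    digest = hmac.new(key, counter, fields["algorithm"].lower()).digest()
    offset = digest[-1] & 0x0F                             # dynamic truncation
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** fields["digits"]).zfill(fields["digits"])

def masked(fields):
    """Copy of the fields that is safe to print: the secret is replaced."""
    return dict(fields, secret="*" * len(fields["secret"]))

if __name__ == "__main__":
    f = parse_otpauth(SAMPLE_URI)
    print(masked(f))
    print("code now:", totp(f, time.time()))
```

If the code printed here matches the one your authenticator app shows for the same account, the secret was decoded correctly.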