diff --git a/phpstan.neon b/phpstan.neon
index 9cb0a821528c05e82c1f29abc1fcb84e9e4ff5c2..e55b63567665aea4c8f07671e5507d964f764804 100644
--- a/phpstan.neon
+++ b/phpstan.neon
@@ -5,6 +5,7 @@ parameters:
         - tests
     ignoreErrors:
         - '#Variable property access on \$this\(OTPHP\\OTP\)\.#'
+        - '#^Method OTPHP\\OTP::generateSecret\(\) should return non-empty-string but returns string\.$#'
 
 includes:
     - vendor/phpstan/phpstan-strict-rules/rules.neon
diff --git a/src/HOTP.php b/src/HOTP.php
index b717e13ac7551f9723c5feb9242e4b85ea594152..dd297ace34e6906d27a791a0e76772a6b7916224 100644
--- a/src/HOTP.php
+++ b/src/HOTP.php
@@ -6,7 +6,6 @@ namespace OTPHP;
 
 use InvalidArgumentException;
 use function is_int;
-use ParagonIE\ConstantTime\Base32;
 
 /**
  * @see \OTPHP\Test\HOTPTest
@@ -39,9 +38,7 @@ final class HOTP extends OTP implements HOTPInterface
 
     public static function generate(int $counter = 0, string $digest = 'sha1', int $digits = 6): self
     {
-        $secret = Base32::encodeUpper(random_bytes(64));
-
-        return new self($secret, $counter, $digest, $digits);
+        return new self(self::generateSecret(), $counter, $digest, $digits);
     }
 
     public function getCounter(): int
diff --git a/src/OTP.php b/src/OTP.php
index f590668824995c6118c80d7b402fc44e5799da67..d51ea7b3cfa21e86ce4eab9b64d650f0bf0e0c42 100644
--- a/src/OTP.php
+++ b/src/OTP.php
@@ -36,6 +36,14 @@ abstract class OTP implements OTPInterface
         return $this->generateOTP($input);
     }
 
+    /**
+     * @return non-empty-string
+     */
+    final protected static function generateSecret(): string
+    {
+        return Base32::encodeUpper(random_bytes(64));
+    }
+
     /**
      * The OTP at the specified input.
      */
diff --git a/src/TOTP.php b/src/TOTP.php
index 3835881c70937bd640599bc2f07c155d80d5ff13..61b81048a35dfd8c3ddd055d9ee4c767ae2c3f83 100644
--- a/src/TOTP.php
+++ b/src/TOTP.php
@@ -6,7 +6,6 @@ namespace OTPHP;
 
 use InvalidArgumentException;
 use function is_int;
-use ParagonIE\ConstantTime\Base32;
 
 /**
  * @see \OTPHP\Test\TOTPTest
@@ -46,9 +45,7 @@ final class TOTP extends OTP implements TOTPInterface
         int $digits = 6,
         int $epoch = 0
     ): self {
-        $secret = Base32::encodeUpper(random_bytes(64));
-
-        return new self($secret, $period, $digest, $digits, $epoch);
+        return new self(self::generateSecret(), $period, $digest, $digits, $epoch);
     }
 
     public function getPeriod(): int