shopping cart   0



TOKEN2 Blog


PolKit vulnerability (CVE-2021-4034)

product updates

27-01-2022

A memory corruption vulnerability (CVE-2021-4034) in PolKit, a component used in major Linux distributions and some Unix-like operating systems, can be easily exploited by local unprivileged users to gain full root privileges.


read more



Using classic tokens for Native OTP Authentication with NetScaler

integration guides

23-12-2021

Citrix ADC(NetScaler) supports one-time passwords (OTPs) without having to use a third-party server. One-time password is a highly secure option for authenticating to secure servers, as the number or passcode generated is random.


read more



Log4Shell (CVE-2021-44228)

product informaion

15-12-2021

Token2 is aware of the RCE vulnerability in the Apache Log4j , classified by the Apache security team as a critical severity issue (CVE-2021-44228).


read more



Delegation of rights in Azure MFA

integration guides

07-12-2021

Azure administrators need to have Global Administrator role to work with MFA, particularly to import and activate OATH tokens. Sometimes they want to delegate this task to service desk team, but to achieve this they need to delegate GA rights too. In this article, we would like to talk about a couple of solutions that would be usefull for administrators in managing MFA.


read more



TOTPRadius : Azure AD Proxy mode

product updates

16-11-2021

The LDAP proxy mode of TOTPRadius was introduced as a workaround for implementing 2FA access for systems without native support for multiple authentication sources. This works perfectly fine for organizations with full on-premises or hybrid Active Directory implementations where domain controllers can be accessed over the local network directly using LDAP protocol. But we are discovering more and more organizations moving to full cloud Azure AD implementation while keeping some services, such as VPN, on-premises. As the LDAP interface of Azure AD is not accessible directly, it was not possible to configure TOTPRadius to use Azure AD as its authentication source.


read more



The Network Policy Server (NPS) extension for Azure. Verification methods.

integration guides

16-11-2021

The Network Policy Server (NPS) extension for Azure Multi-Factor-Authentication (Azure MFA) provides a simple way to add cloud-based MFA capabilities to your authentication infrastructure using your existing NPS servers.


read more



Securing Salesforce with Token2 Security keys or TOTP Tokens

integration guides

20-10-2021

To protect your Salesforce account and data from unauthorized access, your org can require an extra layer of security when you log in.


read more



How to transfer TOTP profiles from Authy to a Token2 hardware token

tools

16-09-2021

Authy remains one of the most popular TOTP application used for 2FA due to its user-friendly features, such as centralized backup. As this feature is based on phone numbers (Authy uses your mobile phone number to identify or reset your account), which may be vulnerable to sim-swap attacks, some users may want to migrate from Authy to hardware tokens. Or, alternatively, users may need to clone/backup their existing TOTP profiles to hardware tokens.


read more



Hardware tokens for PPTP VPN on Windows Server using TOTPRadius

integration guides

16-09-2021

TOTPRadius can be used if you need to have hardware tokens as the second factor for two-factor authentication with Windows Server based PPTP VPN. You can enroll the same tokens as with Azure MFA, so your users can use the same hardware token for both Office 365 and VPN Access. The guide below explains how you can integrate TOTPRadius with Windows Server to achieve this.


read more



How to transfer TOTP profiles from Google Authenticator to a Token2 hardware token

tools

15-07-2021

Presenting Token2 Migration toolset, a tool to convert the Google Authenticator's export file to formats possible to be uploaded or burnt to Token2 hardware tokens.


read more



Molto-2 v2, the second revision of our most popular multi-profile TOTP hardware token

product updates

29-06-2021

A new version of our popular Molto-2 token is coming.


read more



Token2 TOTPRadius v0.2.5 has been released

product updates

05-03-2021

Starting from v0.2.5 TOTPRadius provides new ways of connecting to your corporate VPN systems based on L2TP, such as Meraki Client VPN or Fortinet VPN . The new web-based VPN portal allows logging in using additional methods, such as FIDO Security keys, both in Passwodless mode (if FIDO2 keys are used) and using the keys as the second factor (allowing to use legacy U2F FIDO hardware), as well as Azure AD SSO via OAuth2 protocol.


read more



Azure AD - Protecting user accounts with FIDO2 keys without MFA requirement

integration guides

02-03-2021

FIDO2 keys as a security method is available with Microsoft Azure AD for already a couple of years now. Being the most secure access method available for Office 365 user access, enrolling FIDO2 security keys had a requirement of MFA to be configured for the users, which made it useless for use cases where users do not have (or do not want) to use multiple devices to log in. This has finally changed!


read more



UserLock v11 released, now with Token2 Security keys native support

integration guides

11-02-2021

UserLock now supports the use of Token2 Security keys as a second factor authentication.


read more



Programmable hardware tokens for Office 365 - is self-service possible?

integration guides

08-02-2021

With NFC tokens, the provisioning is done by the IT person equipped with software and hardware that allows burning seeds onto programmable hardware tokens (i.e. an Android device with NFC, iPhone 8 or newer for “-i” models etc.). . However, we have many customers asking if this process can be done by end-users in a fully autonomous manner.


read more



Connecting to VPN with FIDO Security keys using TOTPRadius FIDO-VPN Interface

product updates totpradius

28-11-2020

Multi-factor authentication for VPN systems, such as Meraki Client VPN or Fortinet VPN will be possible using FIDO Security keys, both FIDO2 and U2F.


read more



Two Factor Authentication in VMware Horizon View with TOTPRadius

integration guides

30-10-2020

VMware Horizon View enables you to access a virtual desktop from anywhere, anytime.


read more



Hardware tokens for PayPal Two-Factor Authentication

integration guides

25-10-2020

Until around 2019, PayPal offered two-factor authentication security via SMS only. And while SMS 2FA is better than no 2FA at all, users wanted better protection. Now you can secure your PayPal account with a hardware token, by using Token2 programmable hardware token as a drop-in replacement of mobile authenticator apps.


read more



Hardware tokens for Zoom Two-Factor Authentication

integration guides

15-09-2020

In a recent blog post, Zoom announced the launch of two-factor authentication for all users. With this feature, Zoom attempts to protect the users from potential security breaches.


read more