Tools for hardware tokens and security keys


Burner apps for TOTP tokens


Special Android, iPhone, or Windows applications (i.e. Token2 Burner app) should be used to "burn" the secret hash seeds. The apps require an NFC module to operate. iPhone apps only work with models with part numbers ending with "-i" (i.e. C301-i) and only with iPhones newer than iPhone 8 and iOS version 13 or higher.

This table below provides a list of the available burner applications for different models of Token2 programmable tokens. The table is interactive: you can choose the token model in the first column, then the platform in the second column to see if the combination is supported.


Choose a token model  Choose platform 
miniOTP-1, C105 Android Google Play
miniOTP-1, C105 Windows burner.exe command line tool
C301, C302 Android Google Play
C301, C302 Windows Windows NFC Burner
C301-i, C302-i Android Google Play
C301-i, C302-i Windows Windows NFC Burner
C301-i, C302-i iPhone iPhone app guide
miniOTP-2, miniOTP-3 Android Google Play
miniOTP-2, miniOTP-3 Windows Windows NFC Burner
OTPC-P1, OTPC-P2 Android Google Play
OTPC-P1, OTPC-P2 Windows Windows NFC Burner
miniOTP-2-i, miniOTP-3-i Android Google Play
miniOTP-2-i, miniOTP-3-i Windows Windows NFC Burner
miniOTP-2-i, miniOTP-3-i iPhone iPhone app guide
OTPC-P1-i, OTPC-P2-i Android Google Play
OTPC-P1-i, OTPC-P2-i Windows Windows NFC Burner
OTPC-P1-i, OTPC-P2-i iPhone iPhone app guide
Molto-1 Android Android app guide
Molto-1 Windows Windows app guide
Molto-1-i  Android Android app guide
Molto-1-i  Windows Windows app guide
Molto-1-i  iPhone iPhone app guide
EVVIS-QR-1  Windows EVVIS-QR1 USB Config tool
Molto-2  Windows Molto-2 USB Config tool
Important! Please make sure you use the correct application, as using a wrong app may lock the device out.  While this authentication is implemented in some models (Molto1 and Molto2 etc.), in some models, such as C301, OTPC* and miniOTP* cards, NFC access is left unrestricted by design.    We use ready components for our cards (often called Java-chips) and they have by default NFC access authentication, the access key was hard coded , currently  "8A D20 688 3CA3 694 82 AB2 7182 B6E 832 24" for single profile tokens (which cannot be changed) and "544 F4B 454 E32 4D4 F4C 544 F31 2D4 B4 55 9" for multi-profile models (which can be changed) ; removing authentication routine completely would make the final cost of the products higher. While this does not compromise security (as it is only possible to write the seeds and never read) , using a wrong app will damage the card for this reason.

Prerequisites

NFC Tokens

Android devices should be equipped with an NFC chip. iPhone apps are compatible with models newer than iPhone 7 and with iOS v13 or higher.  Windows application will require an external USB NFC reader or a built-in NFC module (existing on some models of modern laptops). So far the application has only been tested under Windows 10 and Windows 8 64 bit.


USB Tokens

No additional device, driver nor any other installation is needed. USB cable is supplied (USB-A to micro-USB port), any standard USB cable can be used (with data support). For computers without USB-A ports, USB-Type-C adapters can be used.


Some devices (including some models of Android phones, such as Nexus and Pixels, some versions of ACR122 USB module) may have issues with NFC link stability, so please be patient when performing these operations. Read this article explaining the NFC link stability issues

TOKEN2 FIDO2 Security keys

FIDO2 Key management using Chromium based web browsers
If you are using macOS or Linux, you can manage your FIDO2 keys using the tools integrated into the latest Chromium based browsers, such as Google Chrome (starting from v80).

Manage FIDO2 keys under Linux or macOS

TOKEN2 FIDO2 Companion apps (Windows, iPhone and Android)

The FIDO2 USB Security keys are not standalone TOTP tokens:  TOTP functionality of our FIDO2 keys is limited and requires an additional device (i.e. a PC, Android phone or iPhone)  to run the companion app. The key in this case is only used as secure storage for the TOTP seeds. If you need a fully standalone TOTP token, it is recommended to use our programmable tokens instead.

Tools for hardware tokens and security keysTOKEN2 Companion app is a tool to leverage the use of TOKEN2 FIDO2 security keys (second-generation only, T2F2-ALU, and T2F2-NFC) beyond classic U2F and standard FIDO2/WebAuthn functionality. The app enables you to set and use TOTP profiles on a computer or on an Android device (NFC or USB/OTG) as well as iOS (with NFC only). The guides are available below:


TOTP Toolset

Tools for hardware tokens and security keysThis open-source toolset can be used to emulate a hardware token and as to perform OTP verification and drift detection. It can also be used to generate random seeds for programmable tokens and record generated data as CSV file for Azure MFA as described here.
The source code of Token2 TOTP Toolset is available under our GitHub repository. You can also use the hosted version.




t2otp.exe - command-line tool


Tools for hardware tokens and security keysThis tool is created as a command-line emulator of Token2 hardware tokens. It is hardcoded to generate 6 digits, with 30 seconds window, and sha-1 secrets only. Check this page for more information and download.


Inventory apps

Once the tokens are delivered, customers should request the secret keys by filling the request form. The serial numbers of the tokens are required to be entered. For tokens where the serial numbers are presented in barcode or QR code format, you can use the apps to avoid entering the serial numbers manually:

TOKEN2 Serial number reader (Android)

Token2 QR Scanner (iOS)

Large Volume Orders
For large orders, Token2 offers volume discounts.If you are interested in larger volume orders, please contact us and we will get back with a quote immediately