Token2 programmable tokens are a "drop-in" replacement of OTP mobile apps (such as Google Authenticator or similar). They can be used with authentication backends requiring TOTP tokens and are compatible with services generating the seed at the server-side (and not allowing to import seeds), such as Google, Facebook, VKontakte, Dropbox, GitHub, Kickstarter, Microsoft, TeamViewer, and others.
Special Android, iPhone, or Windows applications (i.e. Token2 Burner app) should be used to "burn" the secret hash seeds. The apps require an NFC module to operate. iPhone apps only work with models with part numbers ending with "-i" (i.e. C301-i) and only with iPhones newer than iPhone 7 and iOS version 13 or higher.
This table below provides a list of the available burner applications for different models of Token2 programmable tokens. The table is interactive: you can choose the token model in the first column, then the platform in the second column to see if the combination is supported.
|Choose token model||Choose platform|
|C301, C302||Android||Google Play|
|C301, C302||Windows||Windows NFC Burner|
|C301-i, C302-i||Android||Google Play|
|C301-i, C302-i||Windows||Windows NFC Burner|
|C301-i, C302-i||iPhone||iPhone app guide|
|miniOTP-2, miniOTP-3||Android||Google Play|
|miniOTP-2, miniOTP-3||Windows||Windows NFC Burner|
|OTPC-P1, OTPC-P2||Android||Google Play|
|OTPC-P1, OTPC-P2||Windows||Windows NFC Burner|
|miniOTP-2-i, miniOTP-3-i||Android||Google Play|
|miniOTP-2-i, miniOTP-3-i||Windows||Windows NFC Burner|
|miniOTP-2-i, miniOTP-3-i||iPhone||iPhone app guide|
|OTPC-P1-i, OTPC-P2-i||Android||Google Play|
|OTPC-P1-i, OTPC-P2-i||Windows||Windows NFC Burner|
|OTPC-P1-i, OTPC-P2-i||iPhone||iPhone app guide|
|Molto-1||Android||Android app guide|
|Molto-1||Windows||Windows app guide|
|Molto-1-i||Android||Android app guide|
|Molto-1-i||Windows||Windows app guide|
TOKEN2 Companion app is a tool to leverage the use of TOKEN2 FIDO2 security keys (second-generation only, T2F2-ALU, and T2F2-NFC) beyond classic U2F and standard FIDO2/WebAuthn functionality. The app enables you to set and use TOTP profiles on a computer or on an Android device (NFC or USB/OTG) as well as iOS (with NFC only). The guides are available below:
This open-source toolset can be used to emulate a hardware token and as to perform OTP verification and drift detection. It can also be used to generate random seeds for programmable tokens and record generated data as CSV file for Azure MFA as described here.
The source code of Token2 TOTP Toolset is available under our GitHub repository. You can also use the hosted version.
Once the tokens are delivered, customers should request the secret keys by filling the request form. The serial numbers of the tokens are required to be entered. For tokens where the serial numbers are presented in barcode or QR code format, you can use the apps to avoid entering the serial numbers manually:
TOKEN2 Serial number reader (Android)
Token2 QR Scanner (iOS)