Products
Multiprofile programmable tokens
Token2 Molto-1 and Molto2 are world's first programmable multi-profile hardware tokens. Having a multi-profile programmable hardware token means you can have only one device to protect many accounts (up to 10 with Molto1 and up to 100 with Molto2).
These devices can be configured with different hash types (sha1 or sha256), time offset (30 seconds or 60 seconds), number of digits (4, 6 , 8 or 10 digits)
Blog
04-04-2026
Understanding FIDO User Verification Modes and the always_uv Setting
Token2 R3.3 and later FIDO2 keys enforce user verification by default with always_uv = true, improving security, though some platforms and apps like Windows 10, macOS, and certain legacy clients may fail to handle this override correctly.
05-03-2026
Introducing TOTPVault — self-hosted TOTP management for teams
Most TOTP apps work by distributing copies of the secret to every person who needs access — fine for personal accounts, but for shared service accounts it means MFA secrets scattered across people's phones with no clean way to revoke access when someone leaves.
21-12-2025
Android, NFC, and the Missing Piece of WebAuthn
For years, Android users have faced a frustrating limitation—Android does not support CTAP2 over NFC. This means no PIN verification and no discoverable credentials (passkeys) when using NFC, and therefore limited to simple U2F-style flows without user verification. That said, there finally seems to be a solution.