Products
World's first TOTP hardware tokens with the time synchronization feature
The system clock of these tokens can be adjusted using our "burner" or USB config apps, available under Android, Windows, iPhone, Linux and macOS.
This feature allows to avoid time drift issues with TOTP tokens without time sync as all hardware tokens have a natural tendency of their built-in clocks to become out of sync with time.
|
Unrestricted time sync C302i, Molto-* (all variations) , miniOTP-2i and OTPC-P1i |
With these models, the time can be set keeping the current seed. This does not introduce any additional risks for Molto series as they can be protected with configuration password. |
| Restricted time sync miniOTP-3i, OTPC-P2i and C301i |
With these models, setting the time will automatically clear the seed for security purposes (to avoid the risk of a replay attack) |
Blog
04-04-2026
Understanding FIDO User Verification Modes and the always_uv Setting
Token2 R3.3 and later FIDO2 keys enforce user verification by default with always_uv = true, improving security, though some platforms and apps like Windows 10, macOS, and certain legacy clients may fail to handle this override correctly.
05-03-2026
Introducing TOTPVault — self-hosted TOTP management for teams
Most TOTP apps work by distributing copies of the secret to every person who needs access — fine for personal accounts, but for shared service accounts it means MFA secrets scattered across people's phones with no clean way to revoke access when someone leaves.
21-12-2025
Android, NFC, and the Missing Piece of WebAuthn
For years, Android users have faced a frustrating limitation—Android does not support CTAP2 over NFC. This means no PIN verification and no discoverable credentials (passkeys) when using NFC, and therefore limited to simple U2F-style flows without user verification. That said, there finally seems to be a solution.