Token2 programmable tokens are a "drop-in" replacement of OTP mobile apps (such as Google Authenticator or similar). They can be used with authentication backends requiring TOTP tokens and are compatible with services generating the seed at the server side (and not allowing to import seeds), such as Google, Facebook, VKontakte, Dropbox, GitHub, Kickstarter, Microsoft, TeamViewer, and others.
Special Android or Windows applications (i.e. Token2 Burner app) should be used to "burn" the secret hash seeds. The apps require an NFC module to operate.
This table below provides a list of the available burner applications for different models of Token2 programmable tokens
|Token2 NFC burner for miniOTP-1||miniOTP-1 ||Reseeding|
Changing time offset (30/60sec.)
|Token2 NFC burner 2||miniOTP-2, miniOTP-3, OTPC-P1, C300, C301 ||Reseeding|
|Token2 NFC burner for Windows 0.0.1.beta||miniOTP-2, miniOTP-3, OTPC-P1, C300, C301 ||Reseeding|
|Windows NFC Burner|
This open-source toolset can be used to emulate a hardware token and as to perform OTP verification and drift detection. It can also be used to generate random seeds for programmable tokens and record generated data as CSV file for Azure MFA as described here.
The source code of Token2 TOTP Toolset is available under our GitHub repository. You can also use the hosted version.
Once the tokens are delivered, customers should request the secret keys by filling the request form. The serial numbers of the tokens are required to be entered. For tokens where the serial numbers are presented in barcode or QR code format, you can use the apps to avoid entering the serial numbers manually:
TOKEN2 Serial number reader (Android)
QRude Scanner (iOS - third party)