|Form-factor||pocket calculator format|
PIN protection feature, config protection password
|Google Account||fully compatible|
|Azure On-Prem MFA Server||fully compatible|
|Azure Cloud MFA / Office 365 AD Premium P1 or P2||fully compatible|
|Azure Cloud MFA / Office 365 AD Free/Basic||fully compatible|
|Stripe Dashboard||fully compatible|
|Meraki Dashboard||fully compatible|
|ISDecisions UserLock||fully compatible|
|ESET Secure Authentication||fully compatible|
|Watchguard AuthPoint||fully compatible|
Not listed here
Please check product and platform compatibility before placing an order
All pictures shown are for illustration purpose only. Actual product may slightly vary due to product enhancement or other reasons.
Token2 Molto-1-i Multi-profile TOTP hardware token
Molto-1-i supports long seeds (up to 128 base32 chars) and can be configured with different hash types (sha1 or sha256), time offset (30 seconds or 60 seconds), number of digits (6 or 8 digits) and an optional PIN code protection
|TOTP Profiles||up to 10|
|Programmable||via NFC using Windows, iPhone, Android app or cross-platform Python script|
|NFC Access||Password protected - password can be changed|
|Time step||30 or 60 seconds|
|OTP Length||4, 6, 8 or 10 digits|
|Maximal seed length||160 HEX (128 base32)|
|Seed hash algorithm||SHA-1 or SHA-256|
|Extra security||PIN protection - OTPs will not show without the correct PIN code entered|
iPhone App guide Python script
Q. What is the difference between Molto-1-i and Molto-1 ?
A. Molto-1-i works with Android, Windows and iPhone apps as well as the python script . Molto-1 supports only Windows and Android apps. Additionally, Molto-1-i has PIN protection feature.
Q. How secure is the procedure of programming/seeding the Molto-1-i via NFC?
A. There is absolutely no way to retrieve the seeds anyhow from the device. However, to fully ensure security, in particular, to prevent replay attack by modifying the system time (which is a highly demanded feature to solve the time drift issues) Molto-1 can be protected by setting an NFC access password. New devices will come with a default NFC access password which can be changed immediately. To prevent brute-force attack, the devices will be reset to factory defaults after around 100 unsuccessful NFC access attempts.
Q. What if I have set an NFC access password and forgot it. Does it mean that I can no longer use Molto-1?
A. No, you can still use it by resetting to factory default. This reset will set NFC access password to default, but the operation will also clear all TOTP profiles (seeds and settings).
Q. How long does the battery last?
A. Battery life depends on usage. Burning/programming operations via NFC consume a lot more power, so we must take that into account as well. As a rough estimation, if a token is used a few times per day (i.e. each profile is used once - so 10 button presses a day) and the NFC operations are not very frequent (i.e. not more than once a month) - the Molto-1 token will last for 4-5 years.
Q. Will I lose access to the TOTP profiles when the battery is dead?
A. Yes, but you will have enough time to prepare. Molto-1 will have a battery indicator on the display (). The indicator will show the status throughout the life of the token () . You should replace your token (and migrate the TOTP tokens by resetting the second factor on each respective service) when the indicator shows the battery level as "empty" () - you will still have a couple of months to do this.
NFC Reader/Writer device for Token2 NFC Burner for Windows and T2F2-NFC FIDO2 Keys
NFC Reader/Writer device for Token2 NFC ...Order
Azure AD Authentication methods policy migration
In an effort to enhance security and streamline administration, Microsoft introduced the Authentication methods policy for Azure AD. This policy allows administrators to manage the MFA and SSPR settings from a single location, simplifying the overall user experience. However, it's important to note that the migration process has a limitation when it comes to hardware OATH tokens.
Molto2 Receives "Certified Product" Badge from Independent Third-Party Assessment by SySS GmbH
At our company, we believe in delivering safe and secure products to our customers. That's why we engaged SySS GmbH, an independent third-party security company, to conduct a thorough security assessment of our product, Molto2. We are proud to announce that Molto2 has passed this assessment with flying colors and has received a "Certified Product" badge from SySS GmbH.
Introducing Token2 FIDO2 PIN+: The Security Key That Enforces Strong PIN Complexity
We are excited to announce the upcoming launch of our latest product variation, the Token2 FIDO2 PIN+. The PIN+ series is a new variation of our existing security keys that deviates from the FIDO2 standards to provide stronger PIN complexity enforcement.