PIV Management Tools & MiniDriver
Personal Identity Verification (PIV) is a standard defined by NIST SP 800-73 and adopted by Microsoft as a smart card framework for secure authentication and identity management. PIV devices, such as Token2 security keys and cards with PIV feature, store cryptographic certificates and keys, enabling secure login, digital signatures, and certificate-based authentication. In Windows environments, Microsoft refers to these devices as Smart Card Logon devices, which integrate with Active Directory and other enterprise systems.
The PIV Management and MiniDriver tool provides a simple and convenient way to configure Token2 FIDO2 devices operating in PIV mode. Using the Windows miniDriver, users can manage essential PIV functions such as PIN setup, PIN changes, and basic card configuration. The tool includes:
- User PIN management
- PUK and Admin PIN management
- Basic PIV configuration functions
Important: The PUK and Admin PIN can be used to unlock the User PIN. For security, all default PINs should be changed immediately.
Windows
The PIV MiniDriver and management tool are currently available for Windows. Users can install the middleware to enable native integration with Windows Smart Card components and perform PIN and configuration management.
Why the MiniDriver Is Needed
The Windows PIV MiniDriver enables the operating system to communicate with Token2 devices using the native Smart Card framework. This is essential for performing operations such as adding or managing certificates through the standard Windows certificate UI. Without the miniDriver, Windows cannot properly interface with the device to complete tasks like CA self‑enrollment, certificate import, or key usage validation.
For example, the miniDriver is needed to configure smartcard-based certificate enrollment and login with Windows on-premises Active Directory.
macOS
Linux
Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!