Products
TOTP Functionality bundled with FIDO2 security keys
With these key you can securely store the secrets for your TOTP profiles, using our companion app (available for iPhone, Android and Windows) to generate the OTPs.
While these keys can function as TOTP tokens through an accessory app, we strongly advise prioritizing native FIDO authentication over TOTP methods.
Unlike TOTP codes, which can be vulnerable to phishing or replay attacks, native FIDO protocols utilize the robustness of public-key cryptography, making them exceptionally resilient against such threats.
Blog
17-06-2026
An open-source, cross-platform way to manage your Token2 keys: Companion App - Rust edition
Token2 Companion - Rust edition - an open-source, cross-platform desktop tool for managing Token2 keys, and keys from other vendors too. It runs on Windows, macOS, and Linux, and the whole thing is open source: you can read it, audit it, build it, and extend it.
04-04-2026
Understanding FIDO User Verification Modes and the always_uv Setting
Token2 R3.3 and later FIDO2 keys enforce user verification by default with always_uv = true, improving security, though some platforms and apps like Windows 10, macOS, and certain legacy clients may fail to handle this override correctly.
05-03-2026
Introducing TOTPVault — self-hosted TOTP management for teams
Most TOTP apps work by distributing copies of the secret to every person who needs access — fine for personal accounts, but for shared service accounts it means MFA secrets scattered across people's phones with no clean way to revoke access when someone leaves.