Tools for FIDO security keys

FIDO2 Keys can be managed and configured using standard operating systems tools. No special tool installation is needed to start using the FIDO keys, as most modern browsers will prompt to set a PIN when required, and both authentication and enrollment are handled through the browser's standard API. Additional tools may only be needed for specific tasks, such as changing the PIN, viewing or deleting passkeys, enforcing PIN entry, resetting, and other advanced configurations.

 

Managing native FIDO Functions

Discover tools that leverage the native FIDO2 functionality of your keys for secure authentication and access control.

  • FIDO2.1 Manager

    The FIDO2.1 Security Key Management Tool is a utility designed to manage and interact with FIDO2.1 security keys. It provides functionalities to view information, manage relying parties, and perform various operations on connected FIDO2.1 devices. This tool can be used with any FIDO2.1 security key, not only the ones from Token2. FIDO2.1 Manager tool is created with PowerShell and is open-source.

  • Standard Windows control panel tool

    You can use the standard Windows control panel tool to manage your key, as long as you run Windows 10 build 1903 or later. Please note that the standard control panel applet has some limitations: i.e. it cannot remove individual fingerprints in the Bio FIDO2 Keys and cannot manage TOTP profiles.

  • Chromium-based web browsers

    If you are using macOS or Linux, you can manage your FIDO2 keys using the tool integrated into the latest Chromium based browsers, such as Google Chrome (starting from v80).

  • Linux

    Based on existing libfido2 toolset, fido2-manage is an open-source tool allowing to manage FIDO2.1 devices over USB or NFC, including Passkey (resident keys) management. It also provides a GUI written in Python/tkinter.

  • macOS

    This project represents an adaptation of the original fido2-manage library with macOS, focusing exclusively on command line functionality (no GUI available yet). You will need to have Homebrew for required libraries and dependencies. Currently, this project is in its early development stage.

FIDO2/Passkeys Demo

Additional functionality (HOTP and TOTP)

Enhance your FIDO2 key's capabilities by adding HOTP and TOTP applets for generating one-time passwords. The FIDO2 USB Security keys are not standalone TOTP tokens:  TOTP functionality of our FIDO2 keys is limited and requires an additional device (i.e. a PC, Android phone or iPhone)  to run the companion app. The key in this case is only used as secure storage for the TOTP seeds.


Important!: In the realm of online security, MFA is essential, but relying solely on OTP has limitations. To bolster your protection, prioritize FIDO protocols like U2F and WebAuthN over OTP. FIDO offers superior phishing resistance, immunity to replay attacks, seamless user experience with biometrics or security keys, and broader industry support. We suggest using the OTP capability of our security keys, described below, only in situations where native FIDO protocols are not supported.
If you need a fully standalone TOTP token, it is recommended to use our programmable tokens instead.

  • TOTP Viewer & T2F2 OTP CLI tool for Windows

    Manage and use TOTP/HOTP codes using a PC/SC device (USB NFC) or directly via USB. The package contains a command line tool (portable, no installation needed) and a GUI app.

  • Token2 T2F2 OTP CLI tool

    Manage and use TOTP/HOTP codes via Python CLI script using a PC/SC device (USB NFC) or directly via USB. A cross-platform solution that has been tested under Windows, macOS and Linux platforms. The package also includes a GUI wrapper for the CLI tool, called TOTP Viewer.


  • Mobile platforms


  • Android Companion App

    The app enables you to set and use TOTP profiles on an Android device (via NFC or via USB/OTG)

  • iOS Companion App

    The app enables you to set and use TOTP profiles on a iPhone (via NFC)