The Token2 Configuration Tool (token2-config.exe) is a versatile and robust command-line utility specifically designed for configuring Token2 TOTP NFC Programmable tokens.
This feature-rich tool is engineered to seamlessly integrate into batch files, allowing you to effortlessly automate an array of token programming and management tasks, ensuring enhanced efficiency and control over your token deployment and maintenance procedures.
Example 1: Automate Token Configuration
Note: This operation is needed only if you have a requirement to use your own seeds instead of the factory-set seeds. All tokens come with factory-set seeds.
Suppose you have a batch of new 2nd generation TOTP NFC Programmable tokens that need to be configured. You can create a batch file to program these tokens in sequence:
@echo off rem Configure multiple tokens with different seeds token2-config.exe --seed JBSWY3DPEHPK3PXPJBSWY3DPEHPK3PXP --time 0 --step 1 --algo 1 --sleep 2 --reader 1 --results-file token1_result.txt pause echo Place the next token and press any key to continue... token2-config.exe --seed ABCDEFGHIJKLMNOPQRSTUVWXYZ12345678 --time 0 --step 2 --algo 2 --sleep 3 --reader 2 --results-file token2_result.txt pause echo Place the next token and press any key to continue... rem Add more tokens as needed
Example 2: Automate Token Initialization for Users
If you need to initialize tokens for multiple users, you can use a batch file to automate the process. The user and seed pairs are read from a CSV file (users.csv) with two columns:
User,Seed User1,JBSWY3DPEHPK3PXPJBSWY3DPEHPK3PXP User2,ABCDEFGHIJKLMNOPQRSTUVWXYZ12345678 User3,SOMEOTHERSEEDVALUE User4,ANOTHERSEEDVALUE
Here's the batch file to initialize tokens using the user and seed pairs from the CSV file:
@echo off
rem Initialize tokens for users from users.csv
for /f "tokens=1,2 delims=," %%a in (users.csv) do (
echo Place the token for %%a (seed: %%b) on the NFC pad and press any key to continue...
pause > nul
token2-config.exe --seed %%b --time 0 --step 1 --algo 1 --sleep 2 --results-file %%a_result.txt
echo Configuration for %%a complete. Press any key to continue...
pause > nul
)
Example 3: Automate Regular Token Updates (Infinite Loop)
Create a batch file to periodically update tokens to ensure they are synchronized with the correct time. This batch file runs in an infinite loop:
@echo off :loop rem Update tokens with new time and configuration token2-config.exe --time 0 --step 1 --algo 1 --sleep 2 pause echo Place the next token and press any key to continue... goto loop
Example 3 illustrates a possibility to sync time for models with unrestricted time sync, for other models updating the time will clear the seed for security reasons.
Example 4: Generate and burn random seeds using PowerShell
Open PowerShell session or create a ps1 script with the commands below:
1..32 | % { [String]$randkey += $(Get-Random -InputObject A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T,U,V,W,X,Y,Z,2,3,4,5,6,7) }
# Execute the command with the generated seed
$cmd = "token2-config.exe --seed $randkey --results-file token2_result.txt"
Invoke-Expression $cmd
This will generate a random string of characters (letters A to Z and numbers 2 to 7, which is the base32 alphabet) and then use that string as a seed for a command-line executable (token2-config.exe) while also saving the results to a file (token2_result.txt). This file will contain the serial numbers of the tokens provisioned along with the written seed value, and can be used, for example, to create a csv file for Azure (Entra ID) MFA.
token2-config.exe
More information and download links are available hereuser guides
Subscribe to our mailing list
Want to keep up-to-date with the latest Token2 news, projects and events? Join our mailing list!