Enabling Compliance with Password Policies
Mandylion Research Labs
  Main | Products | Purchase | Regulatory Compliance | Company Info | News

Welcome to our news section. This archive contains articles that mention our company, products or technology as well as noteworthy articles on the authentication industry
Latest News

Federal Computer Week Review
Leading Federal and State IT Publication reviews Mandylion’s next generation token and states its “ready for enterprise deployment”
more info

Wall Street Journal Review
WSJ article provides overview of how corporations are coping with password overload and favorably describes the Mandylion Token as the hardware token solution. more info

Military Information Technology Magazine
Respected Military Journal Reviews DoD program which matured Mandylion token technology. more info

Civilian Agencies Deploy
The Commerce Department’s National Weather Service, Treasury’s Bureau of Alcohol, Tobacco, Firearms & Explosives and the National Institutes of Health Deploy tokens. more info

DoD Funds Development
Mandylion Labs technology was matured and showcased as part of a 3 year Advance Concept Technology Development and Demonstration Project funded by DoD Advanced Systems and Concepts. more info

How Strong Are Your Passwords? Security experts cite weak passwords as one of the most critical security threats to your infrastructure. But just what is a strong password? Are their tools that can help me audit and quantify my risk? more info
Washington, DC. (April 19, 2006):
Mandylion Research Labs, LLC (Mandylion), is the manufacturer of the only DoD developed and approved password management token key fob. Today, it joined with Brooks•Littlefield Associates, Inc. (BLA), a premier government solutions provider, and announced that Mandylion's Policy Master Password Manager products will be exclusively made available through Brooks•Littlefield Associates' GSA Schedule (#GS-35F-4543G).

Password Frustrations Solved for around $20 Bucks
The Mandylion Password Manager is a key chain sized device that helps any user instantly create cryptographically strong, Government policy compliant passwords that immediately work with any web site, login or system. A key feature is that the device provides for the secure and convenient storage of a user’s passwords along with their automatic update. Passwords created with the device thwart all known brute force and dictionary type hacking attacks.

The token generates and manages up to 50 simultaneous login records. It is completely air-gapped from any system and fully self contained. To ensure purely random passcodes, algorithms embedded within the token’s hardwired firmware continuously sense and take input from the user's random and unique interaction with the device. The algorithms use this random data to generate passwords that can be customized to meet any password policy (i.e.: length, composition and renewal period, etc.).

The token complements the Federal smart card, eAuthentication and PKI programs. It works instantly with any login, any system and requires no client or host software or apparatus. There is nothing to install.

The device also allows security administrators to set the preferences and policies of each device on behalf of the user. This eliminates the need for the user to perform their own configuration of the unit.

Licensed in five-user starter kits, 25-user, 100-user and 500-user increments, with per-user Government pricing is approximately $19.74 a token. The total cost for tokens, cradles and configuration utilities for a typical 100-user installation is about $48 per user; about half the price of a cost of just one password reset according to industry statistics from firms like the Gartner Group, etc. For a typical 500-user installation, the Government cost is about $33 per user, complete.

DoD Pedigree
The device was designed under a DoD program to do away with the inherent weaknesses traditionally associated with the use of passwords; namely the individual being asked to create, remember and regularly change their passwords.

In 2003, Mandylion was sponsored/commissioned by the Coalition Information Assurance Common Operational Picture (C-IA COP) Advanced Concept Technology Demonstration (ACTD) of DISA to make certain changes to its basic product and demonstrate this technology at the 2003 & 2004 Joint Warfare Interoperability Demonstration (JWID) exercises. Upon demonstration, strong interest in the Mandylion technology was expressed among the JWID participants of the C-IA COP Coalition Interoperability Trial (CIT 07.01) as well as Coalition VIP’s which toured the exercise.

Needed: A Simple Tool, NOW
With deference to the advancement of authentication technology and biometrics under long-term study at DARPA and other DoD Research Labs, Combatant Commanders were concerned about today. They were concerned about the ability of the warfighter to generate, recall and manage multiple strong passwords in a high stress environment. Presenting this issue, the Combatant Commanders’ sought a simple and reliable tool, which could serve as a secure memory aide in the generation and recall of cryptographically strong passwords.

The ACTD matured the technology from “cult gadget” into a true enterprise “tool” via participation and feedback in two worldwide Military exercises, Joint Warfare Interoperability Demonstration (JWID) and over 60 DoD and Civilian Agency pilot programs funded by the ACTD.

Approved Policy Compliance Tool
With over 10,000 units sold and in use, Mandylion has been serving Governmental entities such as DISA, US Army, US Air Force, the VA, Treasury, ATF, US Courts, NIH, DHS, Interior and Commerce’s NOAA and Census since 1999 through open market buys and competitive procurements. Mandylion has also developed partnership agreements with key government integrators such as SAIC.

The collaboration between Mandylion and BLA enables Mandylion to offer its growing Federal customer base with the easy to use GSA acquisition vehicle for larger enterprise purchases of its technology.

GSA schedules are multiple award contracts established by the U.S. government to give Federal agencies—and state and local governments that utilize the schedules—a commercial-like purchasing vehicle of pre-approved products and services offered at commercial discounts. Schedule contracts provide vendors of products and services with simplified negotiation and contract procedures and give government customers the benefit of "most favored customer" pricing.

"We're pleased to announce our collaboration with Mandylion to provide their products to our government" said Craig Brooks, President of Brooks•Littlefield Associates. "Customers ordering Mandylion's products will benefit from Brooks•Littlefield Associates' account management expertise and the simplified ordering process that the GSA schedule provides."

Joe Grajewski, President of Mandylion added, “The GAO continues to report to Congress that Federal Information Security at each Agency of the Federal Government continues to have systemic and significant security risks due to poor password management by the Federal Agency’s employees.” Grajewski defended the Agencies’ poor showings by adding “Before we developed our patent pending technology, there was no real effective way to address this threat while at the same time providing the user with convenience.” “Because no technology existed, it was a 'do as I say, not as I do' attitude toward proper security.” “Now we have enabling technology which can truly advance Federal Information Security Policy by creating a culture of security among its computer users.”

For ordering information, please contact Brooks•Littlefield Associates at 877-328-0496 or email gsa-sales@brookslittlefield.net.

About Brooks•Littlefield Associates, Inc.
MBrooks•Littlefield Associates, Inc. is a government solutions provider delivering comprehensive technology solutions to Federal, state and municipal governments and business. For over a decade, BLA’s knowledgeable and technical sales staff has delivered fast, flexible service to its customers. Headquartered in Bethesda, MD, BLA specializes in information technology and information security services. For more information or to place an order, contact Brooks•Littlefield Associates at 877-328-0496; email info@brookslittlefield.net, or visit www.brookslittlefield.net.

About Mandylion Labs
The idea was inspired. Yet so simple. Rather than search to replace the use of passwords, just make them more convenient to use while removing the vulnerabilities associated with them. In 1998, Mandylion Labs originated this simple and intuitive concept toward password management. Today, we're a recognized as the leading innovator in access control utilizing durable password techniques. Government and Corporations use our solutions to reduce the cost and complexity of managing their access control systems in the Window NT and Unix and Linux environments while increasing the enterprise's entire baseline of data security. With a web-centric economy pushing along expanding volumes of confidential information which is only separated from the public domain by an easily forgotten or worse, a hackable password, Mandylion’s solutions couldn't have come at a better time.

For more information on Mandylion labs, please visit www.mandylionlabs.com.

Back to Press
© 1999 - 2006, Mandylion Research Labs, LLC. All rights reserved.