Enabling Compliance with Password Policies
Mandylion Research Labs
  Main | Products | Purchase | Regulatory Compliance | Company Info | News

Welcome to our news section. This archive contains articles that mention our company, products or technology as well as noteworthy articles on the authentication industry
Latest News

Federal Computer Week Review
Leading Federal and State IT Publication reviews Mandylion’s next generation token and states its “ready for enterprise deployment”
more info

Wall Street Journal Review
WSJ article provides overview of how corporations are coping with password overload and favorably describes the Mandylion Token as the hardware token solution. more info

Military Information Technology Magazine
Respected Military Journal Reviews DoD program which matured Mandylion token technology. more info

Civilian Agencies Deploy
The Commerce Department’s National Weather Service, Treasury’s Bureau of Alcohol, Tobacco, Firearms & Explosives and the National Institutes of Health Deploy tokens. more info

DoD Funds Development
Mandylion Labs technology was matured and showcased as part of a 3 year Advance Concept Technology Development and Demonstration Project funded by DoD Advanced Systems and Concepts. more info

How Strong Are Your Passwords? Security experts cite weak passwords as one of the most critical security threats to your infrastructure. But just what is a strong password? Are their tools that can help me audit and quantify my risk? more info
Vienna, Va. (July 25, 2005):
Mandylion Research Labs, LLC today announced that its Password Manager token has received a favorable product review from the top military technology publication, Military Information Technology. Military Information Technology is part of Kerrigan Media International, Inc., one of the leading Military technology publishers. Receiving these coveted reviews highlights Mandylion Labs’ growing presence in the military information security marketplace and reflects its innovative approach to secure password use and management, a significant issue facing virtually every enterprise.


“…For network centric warfighters, particularly those operating in multinational environments, one of the most common day-to-day headaches is password overload—remembering and complying with strict Department of Defense and coalition force password policies.”
“…Thanks to an Advanced Concept Technology Development and Demonstration (ACTD) project, however, there is now a simple and reliable keychain-sized tool that serves as a memory aide in the generation and recall of cryptographically strong passwords.”

is how the publication summed up its positive impressions of the device.

The full review and review comments from this article can be viewed online at:



“The focus as a Company and its innovative products is to improve cyber security and convenience as it relates to password use.” “As evidenced the DoD’s continued support of the technology, it's clear that we've succeeded,” said Joseph Grajewski, president of Mandylion. “This success is a significant milestone for us as it underscores our continued leadership in password security and user authentication market.”

David Schoenbrot, Vice President of Mandylion added, “ Weak and carelessly managed passwords are now considered by the FBI as the No.2 vulnerability threatening our national computing infrastructure.” “The GAO continues to report to Congress that Federal Information Security each Agency of the Federal Government continues to have systemic and significant security risks due to poor password management by the Federal Agency’s employees.” Schoenbrot defended the Agency’s poor showing by adding “Before we developed our patent pending technology, there was no real effective way to address this threat while at the same time providing the user with convenience.” “Because no technology existed, it was a “do as I say, not as I do ”attitude toward proper security.” “Now we have enabling technology which can truly advance Federal Information Security Policy by creating a culture of security among its computer users.”

About the Product
Mandylion Labs’ developed and patented this innovative and inexpensive password manager in a three year development effort. It is a key chain sized device that helps any user instantly create cryptographically strong passwords that immediately work with any web site, login or system. A key feature is that the device provides for the secure and convenient storage of a user’s passwords along with their automatic update. It was designed to do away with the inherent weaknesses traditionally associated with the use of passwords; namely the individual being asked to create, remember and regularly change their passwords. Passwords created with the device thwart all known brute force and dictionary type hacking attacks.

The token generates and manages up to 50 simultaneous login records. It is completely air-gapped from any system and fully self contained. To ensure purely random passcodes, algorithms embedded within the token’s firmware continuously sense and take input from the user's random and unique interaction with the device. This random data is utilized by the algorithms in generating passwords that can be throttled to meet any password policy as to length, composition and renewal period.

It is more than a smart card. It works instantly with any login, any system and requires no client or host software or apparatus.  There is nothing to install.

The device allows security administrators to set the preferences and policies of each device on behalf of the user. This eliminates the need for the user to perform their own configuration of the unit.

Responding to U.S. combatant commanders’ concerns over the importance of cryptographically strong passwords in multinational environments, the Coalition Information Assurance-Common Operational Picture (C-IA COP) ACTD matured the commercially available device into an enterprise-grade tool.

After surveying the commercial marketplace, the C-IA COP ACTD found a close fit with the Mandylion Password Managers from Mandylion Research Labs, which were already in use by many DoD activities.

The ACTD matured the technology from “cult gadget” into an enterprise tool via participation and feedback in two worldwide military exercises, the Joint Warfare Interoperability Demonstration and over 60 DoD and civilian agency pilot programs funded by the ACTD. The Army in late 2003 issued a regulation officially sanctioning the use of password generator tokens when used as memory aides.

While other information security products generally address only specific threats, Mandylion’s products improve the entire baseline level of data security for the enterprise. Further, with studies that show that now half of all help desk support calls are for password resets, the device has become a tool of cost containment for runaway tech support costs. Tokens, cradles and software are sold separately, and users can mix and match them to meet configuration requirements. Tokens cost $19.74 each, and cradles cost $269. Mandylion recommends that customers buy one cradle for every 25 tokens.

The Policy Master Configuration software is licensed in two-user, 25-user, 100-user and 500-user increments, with per-user pricing averaging $34. The total cost for tokens, cradles and software for a typical 100-user installation is about $65 per user. For a typical 500-user installation, the cost is about $45 per user.

About Mandylion Labs
The idea was inspired. Yet so simple. Rather than search to replace the use of passwords, just make them more convenient to use while removing the vulnerabilities associated with them. In 1998, Mandylion Labs originated this simple and intuitive concept toward password management. Today, we're a recognized as the leading innovator in access control utilizing durable password techniques. Government, Corporations and ISPs use our solutions to reduce the cost and complexity of managing their access control systems in the Window NT and Unix and Linux environments while increasing the enterprise's entire baseline of data security. With a web-centric economy pushing along expanding volumes of confidential information which is only separated from the public domain by an easily forgotten or worse, a hackable password, Mandylion’s solutions couldn't have come at a better time.

The apparatus and methods developed by the Company (5 separate patents pending effective 7/99 et al) inexpensively provide computer users with convenience, privacy and security in the management of their web site and LAN/WAN login passwords.

The Company is located in Vienna, Va. Our number is 703 – 628 4284.
Our e-mail address is info@mandylionlabs.com

Back to Press
© 1999 - 2006, Mandylion Research Labs, LLC. All rights reserved.