Vienna, Va. (November 21, 2005):
Mandylion Research Labs, LLC today announced that its Password Manager token has received a favorable product review from the top Federal technology publication, Federal Computer Week. Receiving these coveted reviews highlights Mandylion Labs’ growing presence in the Federal information security marketplace and reflects its innovative approach to secure password use and management, a significant issue facing virtually every enterprise.
“…If you're holding your breath waiting for passwords to go away, we suggest a long exhale. Despite the increased use of biometric log-in devices such as fingerprint readers, plenty of systems still rely on passwords, and they won't disappear anytime soon.”
Is how FCW writer, Michelle Speir Hasse, describes the problem that continues to plague Federal IT workers and that the Mandylion Product solves.
“…Policy Master is an impressive improvement over
The system is highly secure, remarkably customizable and ready for enterprise deployment…”
Is how Hasse sums up her detailed review and test drive of the product. She gave the product 3 stars for ease of use and 4 stars for the product’s management and security aspects.
The full review and review comments from this article can be viewed online at:
“The focus as a Company and its innovative products is to improve cyber security and convenience as it relates to password use.” “As evidenced the DoD’s continued support of the technology, it's clear that we've succeeded,” said
Joseph Grajewski, president of Mandylion. “This success is a significant milestone for us as it underscores our continued leadership in password security and user authentication market.”
David Schoenbrot, Vice President of Mandylion added, “ Weak and carelessly managed passwords are now considered by the FBI as the No.2 vulnerability threatening our national computing infrastructure.” “The
GAO continues to report to Congress that Federal Information Security each Agency of the Federal Government continues to have systemic and significant security risks due to poor password management by the Federal Agency’s employees.”
Schoenbrot defended the Agency’s poor showing by adding “Before we developed our patent pending technology, there was no real effective way to address this threat while at the same time providing the user with convenience.” “Because no technology existed, it was a “do as I say, not as I do ”attitude toward proper security.” “Now we have enabling technology which can truly advance
Federal Information Security Policy by creating a culture of security among its computer users.”
About the Product
Mandylion Labs’ developed and patented this innovative and inexpensive password manager in a three year development effort. It is a key chain sized device that helps any user instantly create cryptographically strong passwords that immediately work with any web site, login or system. A key feature is that the device provides for the secure and convenient storage of a user’s passwords along with their automatic update. It was designed to do away with the inherent weaknesses traditionally associated with the use of passwords; namely the individual being asked to create, remember and regularly change their passwords. Passwords created with the device thwart all known brute force and dictionary type hacking attacks.
The token generates and manages up to 50 simultaneous login records. It is completely air-gapped from any system and fully self contained. To ensure purely random passcodes, algorithms embedded within the token’s firmware continuously sense and take input from the user's random and unique interaction with the device. This random data is utilized by the algorithms in generating passwords that can be throttled to meet any password policy as to length, composition and renewal period.
It is more than a smart card. It works instantly with
any login, any system and requires no client or
host software or apparatus. There is nothing to
The device allows security administrators to set the preferences and policies of each device on behalf of the user. This eliminates the need for the user to perform their own configuration of the unit.
Responding to U.S. combatant commanders’ concerns over the importance of cryptographically strong passwords in multinational environments, the Coalition Information Assurance-Common Operational Picture (C-IA COP) ACTD matured the commercially available device into an enterprise-grade tool.
After surveying the commercial marketplace, the C-IA COP ACTD found a close fit with the Mandylion Password Managers from Mandylion Research Labs, which were already in use by many DoD activities.
The ACTD matured the technology from “cult gadget” into an enterprise tool via participation and feedback in two worldwide military exercises, the Joint Warfare Interoperability Demonstration and over 60 DoD and civilian agency pilot programs funded by the ACTD.
The Army in late 2003 issued a regulation
officially sanctioning the use of password
generator tokens when used as memory aides.
While other information security products generally address only specific threats, Mandylion’s products improve the entire baseline level of data security for the enterprise. Further, with studies that show that now half of all help desk support calls are for password resets, the device has become a tool of cost containment for runaway tech support costs. Tokens, cradles and software are sold separately, and users can mix and match them to meet configuration requirements. Tokens cost $19.74 each, and cradles cost $269. Mandylion recommends that customers buy one cradle for every 25 tokens.
The Policy Master Configuration software is licensed in two-user, 25-user, 100-user and 500-user increments, with per-user pricing averaging $34. The total cost for tokens, cradles and software for a typical 100-user installation is about $65 per user. For a typical 500-user installation, the cost is about $45 per user.
About Mandylion Labs
The idea was inspired. Yet so simple. Rather than search to replace the use of passwords, just make them more convenient to use while removing the vulnerabilities associated with them. In 1998, Mandylion Labs originated this simple and intuitive concept toward password management. Today, we're a recognized as the leading innovator in access control utilizing durable password techniques. Government, Corporations and ISPs use our solutions to reduce the cost and complexity of managing their access control systems in the Window NT and Unix and Linux environments while increasing the enterprise's entire baseline of data security. With a web-centric economy pushing along expanding volumes of confidential information which is only separated from the public domain by an easily forgotten or worse, a hackable password, Mandylion’s solutions couldn't have come at a better time.
The apparatus and methods developed by the Company (5 separate patents pending effective 7/99 et al)
inexpensively provide computer users with convenience, privacy and security in the management
of their web site and LAN/WAN login passwords.
The Company is located in Vienna, Va. Our number is 703 – 628 4284.
Our e-mail address is