The Mandylion token has been designed from the
ground up for policy compliant access and use
password controlled applications. It does away
with the inherent weaknesses associated with
passwords; the reliance on the individual to
create, remember and regularly change them..
The Mandylion token works instantly and
requires no client software or hardware. It
empowers the end user to comply with all password
The basic features of the Mandylion Password
||Manages up to 50
Login Records Simultaneously
Cryptographically Strong Passwords
||Manages Root and
Pre-Configurable on Behalf of User or Self
Automatic Tamper & Destroy Security Functions
unaffected by battery life or loss of power.
It’s a Proven Solution! Mandylion is the
only password manager token tested and matured by
a DoD research program and deployed to thousands
of DoD and Federal Personnel.
Generates Strong Passwords! Kinetic
circuitry actually senses your use of the unit.
This aids the unit’s processor in the generation
of strong passwords which thwart all known
password cracking techniques including dictionary
and brute force approaches. Passwords can be any
length up to 14 characters or namespaces.
It's Convenient! It securely stores and
displays up to 50 passwords, PIN-s, phone numbers
or security codes and keys. Convenient key-chain
size lets you keep it securely under your physical
control right along with your "regular" keys.
It's Secure! Because only you can turn
it on. It's temper resistant inside and out. Unit
can be set to lock out intruders.
It Can Make Up Passwords for You. A
built-in password generator helps you create long
length "non-word" passwords to be used with any
login. (You can even set the parameters such as
length, alpha numeric. special character and
Preconfigurable. Can be configured by
the organization on behalf of the user. Handles
incremental updates as well as group passwords.
The enterprise can control what the user can
modify on the token.
It's Automatic! Prompts you to change
your password at preset intervals, then can
automatically create a new one, if desired (Govt.
prescribed renewal intervals are built-in
It's Intuitive! Designed from the ground
up as the world's first personal manager. Along
with each password , it can store the site's name,
your user ID and account number. Easy to use
interface allows for quick display of most
frequently used passwords
It's a Total Protection System. Designed
in conformity with stringent U.S. Military,
National Institute of Standards and Technology and
National Security Agency standards for the secure
creation, management and use of passwords.
Tamper Resistant. Only the authorized
user it is assigned to can turn it on. Circuitry
is designed to thwart electronic bypass. Unit has
user selectable lockout settings.
It Works Immediately. No software
needed. Nothing to install. Can be instantly used
with any Web site, intranet or system, that
requires user-input passwords for access. Works
with all standard user login methods.
Carefree Operation. Uses standard
batteries. Batteries last about a year with daily
use. All passwords and settings are stored in
permanent and protected memory which is unaffected
by battery life loss of power.
Configuration Utility and Cradle. The
autoload version of the token can be configured
either manually on the token itself or via the
Policy Master Configuration Utility and downloaded
to the token.
Operation is Simple and Intuitive. You can
use it to add convenience while improving your
security anywhere you use passwords, PINs or pass
(back to top)
Use of the Mandylion solution provides three
User and Administrator Convenience.
Currently, passwords are an inconvenience and a
burden for the average computer user. Policy is
clear; compliance is difficult. The Mandylion token
empowers the user to comply with IA access control
policy not through enforcement, but through
convenience. Empowering the user to comply with
strong password policy helps promulgate the IA
message vs. defeat or erode it with "human" work
For the network administrator, it is the only
solution which professionally and securely manages
root passwords and logins under shared control.
Information Assurance. Poorly
constructed passwords that are not well managed
are an inherent weakness and significant
vulnerability to the information Assurance
infrastructure. Regardless of the encrypted
transmission techniques employed in its transport,
the captured cipher text of a cryptographically
weak password is easily discerned and obtained
through a brute force attack.
Cost Savings. Password reset costs are a
significant portion of the help desk budget. The
Mandylion token empowers the user to literally and
securely keep these codes at their fingertips.
Easy Implementation. Works instantly
with all standard user login methods. Because it's
standalone apparatus, you can independently use
with any Web site or host. Hosts and Web sites
seeking enhanced access control can easily
incorporate it into their existing login methods.
Instantly Creates Strong Security Policy.
In work environments, distribution and surrender
of units can be integrated with personnel
procedure to ensure that access is being properly
authorized and further, being properly terminated
on timely basis.
(back to top)