Search FCW

Advanced Search
Subscribe Now!
Table of Contents
Sprint
Business
BPM
CXOs
Columns
Columnists
Defense
E-Government
Elections 2008
Enterprise Architecture
Funding
Homeland Security
Health IT
IPv6
LOB
Management
Procurement
Privacy
Policy
Program Management
State and Local
Security
Technology
Telework
Training and Certification
Workforce

More Topics
resourcecenter
Home
Letters to the Editor
Current Issue/Download
Print/Online Archives
Editorial Calendar
researchstore
resourcecenter
Communications for Continuity Operations

Oracle Resource Center
NEW! Transforming Data Center
Managed Services
Service Oriented Architecture
Training & Simulation
Networking Communications
Security Directives and Compliance
Data Center Virtualization
Air Force ELSG Contract Guide

More >>



Latest News
ADVERTISEMENT




 

Mandylion takes password tokens to next level

Policy Master 2.0 offers more efficient management

By Michelle Speir Haase
Published on November 21, 2005

Comment

Click here to comment on this article

Newsletters

You might also be interested in these FCW newsletters:

Daily

To learn more, click here.

If you're holding your breath waiting for passwords to go away, we suggest a long exhale. Despite the increased use of biometric log-in devices such as fingerprint readers, plenty of systems still rely on passwords, and they won't disappear anytime soon.

In fact, as people conduct more of their professional and personal business online, it's not unusual for someone to have 10 or more log-in accounts, sometimes with different user names in addition to different passwords.

The large number of accounts creates a security conundrum. A set of passwords strong enough to withstand hacking would be impossible to memorize, yet writing them all down compromises security.

Several years ago, Mandylion Research Labs introduced a password-management token called ebp lite. It stored existing passwords and log-in names and randomly generated new, strong passwords according to user-defined parameters. The drawback was that entering data was time-consuming and tedious.

Mandylion has solved that problem and created an enterprise-level product with its new Policy Master 2.0, which consists of a token, cradle and management software. The software allows administrators to input and manage the passwords on a PC then download them onto the token.

The token, which fits on a key chain, has four arrow keys and one round Enter key in the center, with a small, monochrome LCD that displays log-in records. Each record includes an identifying name along with the user name and password.

Users can control access by a five-keystroke sequence Mandylion calls a personal finger authentication pattern. You can create your own pattern using the four arrow keys, and Mandylion suggests changing it often.

Using the arrow keys, users scroll through a list of log-in records until they find the one they need. Then they type the password into the computer.

The scrolling process is simple but slower than we would have liked, especially for a device that can hold so many records. When you need to access, say, the 25th record, scrolling speed makes a big difference.



upcoming event

Program Management Summit 2008, Ronald Reagan Building, Washington, DC
November 18 - November 19, 2008

Defense and Intelligence Solutions for Business Transformation-DC, Grand Hyatt, Washington, D.C.
November 18, 2008

Building Sustainable Business Models in a Green World, The Willard Hotel 1401 PA Ave., NW Washington, DC
November 19, 2008, 8:00 AM - 10:00 AM

Security 2008, Ronald Reagan Building, Washington, DC
November 20 - November 21, 2008


 

head
fcw
issue
First Name State
Last Name Zip
Title Email
     

Home | About | Contact | Customer Help | Privacy Policy | Editorial Info | Advertise | Link policy / Reprints | Site Map


1105 Media, Inc.

© 1996-2008 1105 Media, Inc. All Rights Reserved.