I noted your comment regarding BioPassword
and would like to add to it.

Mandylion views access control as a
spectrum of differing authentication
requirements. We believe that there is no
single technology that appropriate for all
instances. No silver bullet. Complementary
and mutually exclusive technologies exist and
will also emerge. As with any technology
sector, some technologies will do a better and
more comprehensive job at it than others.

The aim with the Mandylion technology is to
make that portion of the access control
spectrum which employs the password
method more secure and convenient to the
user.

Our technology requires no modification to the
desktop and works seamlessly with existing
password registries within Microsoft, Unix and
Mainframe OS?s as well as with any
application that uses passwords. It can be
used virtually anywhere, from any access point
be it a stationary PC, laptop or PDA such as a
RIM Blackberryor Palm Pilot. We attempt to
perfect the password method, not replace it.

In contrast, other approaches require
additional software and/or hardware to be
added to the infrastructure which adds to
configuration management issues. Because
access control is so systemic, most API?s are
not well published, shared and do change
often. As such, when such technology is
added to the infrastructure it tends to conflict
with the native system or more often, can
create new vulnerabilities when it attempts to
replace it. For instance, does installing a
secondary authentication over an underlying
weak code, create new vulnerabilities in how it
data communicates and stores this weak
access code? Alternatively, with web enabled
hosts, what prevents unauthorized access
utilizing the passcode from points outside of
the software?s control.