how to reset a MandyLion brand password token to factory defaults

| | Comments (0)
So a while back I bought a MandyLion brand password token from ThinkGeek.   The idea is that my brain simply can not remember an adequate number of secure passwords.   Now, in my personal business I try to minimize this by using keys and ssh-agent everywhere, but I do need to keep passwords for accounts hosted elsewhere.  (I can't, for instance, throw up a new vserver and run an interface to my bank.)   Also, I need to remember passwords for clients (all my entreprenurial activites are funded by my consulting activities)     And this token, while not all that secure, is worlds ahead of little bits of paper in my wallet. 

Well, I got the token several months ago.  I promptly imputed a few client passwords into it, and used it to generate secure passwords for some of my accounts.   The password input is pretty clumsy (for input, it's got five buttons total)  but it works, and without a computer.  Well, the thing comes with some windows management software.  A 'policy manager' they call it.  I figure I'd load it up and poke around. 

Well, while I'm fairly impressed with the design of the token itself, I can't say the same for the 'policy manager'  -  so I initialize the token and play around a bit.  Not much you can do, aside from inputing passwords on a real keyboard.  Easy, yeah.  But do you really think I'm going to trust  my passwords to a windows box?  right.    so the management software is kinda useless.  But the irritating thing is that I found I could no longer input passwords on the device.  I could generate random passwords, but I couldn't input passwords, which presented a problem, as I said that many of the passwords I have to remember are generated by someone else.    Re-initializing the token didn't fix this problem.

I e-mailed ThinkGeek about it, and they talked to MandyLion.   The advice I got back was "re-initialize the token"  -  I mean, what did I expect from a device with windows-only software?  

Anyhow, the other night I sat down and figured it out.  Here is how I managed to reset the thing back to factory defaults:



1. I re-initialized the token using the provided software (It still won't let me manually enter passwords at this point, but it clears any policy I had set with the windows software.)

2. from the 'View' menu, I simultaniously press the up and down arrows to get to the 'options' menu.   I press the center button, then I press the down arrow to get to the 'set locks?' option.  I press the center button. I press the down arrow until I get to 'shutout' option.  I press the center button.  Now, I press the down arrow until I get to the 'destroy' option, and I select it with the center button.    (I'm now in the 'set locks?' menu again) I scroll down to the 'attempts?' option.  I press the center button to select, then I scroll down to '3 tries'  and press the enter button to select.  I'm done here, so I use the left arrow to go up menus until I am logged out of the device.

3.  I enter the wrong access code more than 3 times, and the LCD says 'Destroy' for a while (less than a minute)   -   after  the screen goes blank, pressing the center button prompts me to select an access code.  The device appears to be back to factory defaults (I can both randomly generate passwords as well as entering them by hand.)

So  yeah.  my password thingr is working again.

Leave a comment