Biometric password managers, M.14 – APC BIOM34-EC User Manual
Page 12
Swipe sensors are a type of fingerprint sensor that are
operated by placing your finger on the scanner and
pulling the finger across the sensor firmly with even
speed. Swiping too fast or too slow will result in a failed
fingerprint capture. For better results, it is recommended
that you use the practice fingerprint selection before
enrolling the first time The Choose Finger screen has a
Practice button; click it to practice capturing your
fingerprint. When you are comfortable with how your
fingerprint is captured you may proceed to enroll a finger.
2.3.1.3
Verifying the Fingerprint Once OmniPass has successfully
acquired the fingerprint, the
Verify Fingerprint screen will
automatically appear. To verify your enrolled fingerprint,
place your fingertip on the sensor and hold it there as if
you were having a fingerprint captured. Successful
fingerprint verification will show a green fingerprint in
the capture window and the text
Verification Successful
under the capture window.
2.3.1.4
Setting Authentication Rules After enrolling a fingerprint
you may wish to set the Authentication Rules which
you can access in the OmniPass Control Center. These
settings allow you to restrict access to OmniPass
functions. By default, with no security devices enrolled,
all OmniPass functions require "master password"
authentication. Once you enroll a security device, you
can set OmniPass to require authentication via that
security device to access OmniPass functions. More
about these settings and their ramifications can be found
under Chapter 6.2 User Settings. For now, keep the
default selection (no boxes checked) and click Next. This
setting will allow you to access OmniPass functions
with your enrolled finger, but fingerprint authentication
will not be required.
WARNING: You should leave these settings to default
(no boxes checked) until you are familiar with OmniPass.
If you require an authentication device to access an
OmniPass function, and that device fails or is not present,
you will lose access to that restricted OmniPass function.
In a Windows XP environment, the
Windows and OmniPass
Logon selection may be grayed out. This depends on
your Windows logon configuration during OmniPass
installation. For more details about this feature consult
Chapters 6.2 and 6.3. Click Next to proceed.
2.3.1.5
Completing Device Enrollment After you set the
authentication rules for the enrolled device, the
Device
Enrollment Complete screen will automatically appear. If
you check the first box,
Enroll more security authentication
devices …, upon clicking Next, you will be directed back
to the
Select Authentication Device screen (see 2.2.4 or
2.3.1). If you check the second box,
I am done with
enrolling security authentication devices …, upon clicking
Next, you will be directed to the Audio and Taskbar Settings
(see 2.2.5). Continue the OmniPass Enrollment Wizard,
resuming the procedure at 2.2.4 or 2.2.5.
2.3.2
Enrolling the Phoenix TrustConnector During initial user
enrollment, at
Select Authentication Device select the
security device, which you want to enroll and click
Next
.For product information about the TrustConnector
please consult the Phoenix Technologies documentation.
NOTE: You must be logged onto the Windows system
with the account you wish to enroll into Omnipass.
Enrollment will fail if you attempt to enroll a user that is
not currently logged onto the machine .If you are logged
onto a Domain (e.g. with user account
[email protected]) and you attempt to enroll a
local user (e.g. COMPUTERNAME\localuser), user
enrollment will fail
Clicking
Next or Cancel will return you to the Select
Authentication Device screen.To enter the credentials of a
Biometric Password Managers
user that can legitimately enroll the TrustConnector as
an authentication device you must hit
Start Over at the
Select Authentication Device screen so the credentials of
the currently logged on user may be entered.
Alternatively, the
Cancel button could be selected exiting
the OmniPass Enrollment Wizard completely.
Once you enter the credentials of the currently logged
on user at the
Verify Username and Password screen ,
then the TrustConnector may be enrolled as an
authentication device and you can continue to 2.3.2.1
to proceed with device enrollment.
2.3.2.1
Configure Digital Certificate During enrollment of the
TrustConnector a digital certificate must be specified .
The digital certificate that is chosen during authentication
device enrollment will be bound to the enrolled user for
use in various OmniPass authentication procedures (e.g.
Encrypt/Decrypt files, Password Replacement).
Unless an IT administration function has preloaded a
digital certificate using the TrustConnector CSP there
will be no digital certificates to choose from on the
Configure Digital Certificate Authentication screen. You will
have to select
Use the digital certificate that OmniPass has
automatically created for me and click Next.
2.3.2.2
TrustConnector Prompts Once you have selected the digital
certificate that is to be associated with the OmniPass
user you will be prompted to set the security level with
respect to accessing the digital certificate for various
authentication procedures .
Setting the security level to
Medium will notify the
OmniPass user when the certificate is being accessed
for authentication purposes. Setting the security level
the
High forces the user to set a TrustConnector
password associated with the digital certificate.
Authentication procedures that access the digital
certificate will prompt the user to enter the
TrustConnector password set for that certificate .
Acknowledge the certificate access prompts displayed
for TrustConnector enrollment and proceed to 2.3.2.3.
2.3.2.3
Completion of Digital Certificate Enrollment After the
TrustConnector configures the digital certificate a screen
will be displayed indicating that portion of device
enrollment was successful . Click Next to proceed with
OmniPass user enrollment. The OmniPass user
enrollment procedure resumes at 2.2.5.
2.4 Alternate Storage Location (Optional)
The Storage Location is where OmniPass user-specific data is
stored. These data are your remembered sites, user identities,
OmniPass settings, and data used to securely encrypt or decrypt
files, all of which constitute your user profile. You may wish
to have your user profile stored in a location other than your
local hard drive. You can choose to store your user profile in
a removable storage device (e.g. SmartCard, USB key). That
way you can remove your storage device when you are away
from your system and carry it with you. This portability is an
added convenience in that you may have access to your user
profile on other OmniPass-enabled systems.
In this example we will be using a SmartCard as the alternate
storage location.
2.4.1 During initial user enrollment, at
Select Storage Device
select the storage device which you wish to use and
click
Next. If a SmartCard is not present in the reader
when you click
Next, you will be prompted to insert it.
2.4.2 This example assumes you are using a fresh, blank
SmartCard. If you are using a SmartCard that has already
been used with OmniPass or another application, you
will be prompted to enter your PIN.
M.14