APC BIOM34-EC user manual Alternate Storage Location Optional

Swipe sensors are a type of fingerprint sensor that are operated by placing your finger on the scanner and pulling the finger across the sensor firmly with even speed. Swiping too fast or too slow will result in a failed fingerprint capture. For better results, it is recommended that you use the practice fingerprint selection before enrolling the first time The Choose Finger screen has a Practice button; click it to practice capturing your fingerprint. When you are comfortable with how your fingerprint is captured you may proceed to enroll a finger.

2.3.1.3Verifying the Fingerprint Once OmniPass has successfully acquired the fingerprint, the Verify Fingerprint screen will automatically appear. To verify your enrolled fingerprint, place your fingertip on the sensor and hold it there as if you were having a fingerprint captured. Successful fingerprint verification will show a green fingerprint in the capture window and the text Verification Successful under the capture window.

2.3.1.4Setting Authentication Rules After enrolling a fingerprint you may wish to set the Authentication Rules which you can access in the OmniPass Control Center. These settings allow you to restrict access to OmniPass functions. By default, with no security devices enrolled, all OmniPass functions require "master password" authentication. Once you enroll a security device, you can set OmniPass to require authentication via that security device to access OmniPass functions. More about these settings and their ramifications can be found under Chapter 6.2 User Settings. For now, keep the default selection (no boxes checked) and click Next. This setting will allow you to access OmniPass functions with your enrolled finger, but fingerprint authentication will not be required.

WARNING: You should leave these settings to default (no boxes checked) until you are familiar with OmniPass. If you require an authentication device to access an OmniPass function, and that device fails or is not present, you will lose access to that restricted OmniPass function.

In a Windows XP environment, the Windows and OmniPass Logon selection may be grayed out. This depends on your Windows logon configuration during OmniPass installation. For more details about this feature consult Chapters 6.2 and 6.3. Click Next to proceed.

2.3.1.5 Completing Device Enrollment After you set the authentication rules for the enrolled device, the Device Enrollment Complete screen will automatically appear. If you check the first box, Enroll more security authentication devices …, upon clicking Next, you will be directed back to the Select Authentication Device screen (see 2.2.4 or 2.3.1). If you check the second box, I am done with enrolling security authentication devices …, upon clicking Next, you will be directed to the Audio and Taskbar Settings (see 2.2.5). Continue the OmniPass Enrollment Wizard, resuming the procedure at 2.2.4 or 2.2.5.

2.3.2Enrolling the Phoenix TrustConnector During initial user enrollment, at Select Authentication Device select the security device, which you want to enroll and click Next

.For product information about the TrustConnector please consult the Phoenix Technologies documentation.

NOTE: You must be logged onto the Windows system with the account you wish to enroll into Omnipass. Enrollment will fail if you attempt to enroll a user that is not currently logged onto the machine .If you are logged onto a Domain (e.g. with user account username@domain.com) and you attempt to enroll a local user (e.g. COMPUTERNAME\localuser), user enrollment will fail

Clicking Next or Cancel will return you to the Select Authentication Device screen.To enter the credentials of a

Biometric Password Managers

user that can legitimately enroll the TrustConnector as an authentication device you must hit Start Over at the Select Authentication Device screen so the credentials of the currently logged on user may be entered. Alternatively, the Cancel button could be selected exiting the OmniPass Enrollment Wizard completely.

Once you enter the credentials of the currently logged on user at the Verify Username and Password screen , then the TrustConnector may be enrolled as an authentication device and you can continue to 2.3.2.1 to proceed with device enrollment.

2.3.2.1Configure Digital Certificate During enrollment of the TrustConnector a digital certificate must be specified . The digital certificate that is chosen during authentication device enrollment will be bound to the enrolled user for use in various OmniPass authentication procedures (e.g. Encrypt/Decrypt files, Password Replacement).

Unless an IT administration function has preloaded a digital certificate using the TrustConnector CSP there will be no digital certificates to choose from on the Configure Digital Certificate Authentication screen. You will have to select Use the digital certificate that OmniPass has automatically created for me and click Next.

2.3.2.2TrustConnector Prompts Once you have selected the digital certificate that is to be associated with the OmniPass user you will be prompted to set the security level with respect to accessing the digital certificate for various authentication procedures .

Setting the security level to Medium will notify the OmniPass user when the certificate is being accessed for authentication purposes. Setting the security level the High forces the user to set a TrustConnector password associated with the digital certificate. Authentication procedures that access the digital certificate will prompt the user to enter the TrustConnector password set for that certificate .

Acknowledge the certificate access prompts displayed for TrustConnector enrollment and proceed to 2.3.2.3.

2.3.2.3Completion of Digital Certificate Enrollment After the TrustConnector configures the digital certificate a screen will be displayed indicating that portion of device enrollment was successful . Click Next to proceed with OmniPass user enrollment. The OmniPass user enrollment procedure resumes at 2.2.5.

2.4 Alternate Storage Location (Optional)

The Storage Location is where OmniPass user-specific data is stored. These data are your remembered sites, user identities, OmniPass settings, and data used to securely encrypt or decrypt files, all of which constitute your user profile. You may wish to have your user profile stored in a location other than your local hard drive. You can choose to store your user profile in a removable storage device (e.g. SmartCard, USB key). That way you can remove your storage device when you are away from your system and carry it with you. This portability is an added convenience in that you may have access to your user profile on other OmniPass-enabled systems.

In this example we will be using a SmartCard as the alternate storage location.

2.4.1During initial user enrollment, at Select Storage Device select the storage device which you wish to use and click Next. If a SmartCard is not present in the reader when you click Next, you will be prompted to insert it.

2.4.2This example assumes you are using a fresh, blank SmartCard. If you are using a SmartCard that has already been used with OmniPass or another application, you will be prompted to enter your PIN.