This scenario demonstrates how a user accessing from a secure network enrolls into the solution knowing his current password.

Note: In the preinstalled environment this scenario is demonstrated by logging in to the WINXP machine with user id “simonf” and password “Passw0rd”.

The user is Simon Fish and Simon has just received an e-mail from the FastPass Password Manager Enrollment Service inviting him to register. The e-mail contains an URL that he clicks. This opens an Internet Explorer directly to the FastPass Client interface where he clicks on the "Enroll User" menu item. He is asked to identify and he enters simonf (SF####), selects the domain as he normally does in the Windows login screen and clicks on the "Continue" button.

Since he is member of a “FastPass Users II” group that is being used to identify users that shall authenticate with two-factor he is now requested to authenticate using a Challenge Code (PIN) sent to him as SMS (Text Message).

He waits for the SMS to arrive to his mobile phone and when it does he enters the PIN and clicks on the "Continue" button.

Note: for this to work the mobile phone number must already be stored in AD. By default the "mobile" attribute is used but any attribute can be used instead.

Simon is now asked to authenticate using password and he enters "Passw0rd" and clicks on the "Continue" button.

Note: The system now checks the entered password against the AD.

Authentication is now considered done and Simon is presented to the Challenge/Response registration screen where he is requested to select four different questions and provide corresponding answers.

He carefully selects four questions and enters corresponding answers before he clicks on the "Continue" button.

The registration is confirmed and Simon can now use the other operations listed in the menu.