Installing the Windows Credential Provider

Password Express lets you add a password reset flow to the Windows login prompt and add multi-factor support for logging in to Windows desktops.

This can be achieved by using our Desktop Credentials Provider application. This article shows you how to install and configure the Desktop Credentials Provider.

1. Download the Installer

Log on to your Password Express tenant and navigate to Security->Computers.

Click the link for Credential Provider to download the installer.

Whilst you are on this page, click the link for Registration Key. This copies the registration key to your clipboard; you will need it for the install.

Select either the EXE or MSI installer and click Download.


2. Installing the provider

Run the downloaded file and answer Yes at the UAC prompt.

Click Next on the first page to begin.

Accept the default install location, or change this to a suitable directory. Click Next.

Type in the Hostname of your Password Express tenant.

Paste in the Registration Key that you saved earlier. Click Next to continue.

Click Install to start the installation.

The installer now copies all required files. Click Finish to complete the installation.

In the Password Express Computers page, you will now see that the Desktop Credentials Provider has registered successfully.
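
To confirm on the workstation itself that the provider registered with Windows, the following added example (not part of the Password Express product or its documentation) lists every registered credential provider and filter with its DLL path and Authenticode signature status. The page does not give the provider's display name or CLSID, so the script lists all entries rather than searching for one; the function name is hypothetical.

```powershell
# Added example: enumerate credential providers registered with Windows and
# check the Authenticode signature of each provider DLL.
# Run from an elevated PowerShell prompt on the workstation.
$AuthBase = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication'

function Get-RegisteredCredentialProvider {   # hypothetical helper name
    param(
        [string[]]$SubKeys = @('Credential Providers', 'Credential Provider Filters')
    )
    foreach ($sub in $SubKeys) {
        $path = Join-Path $AuthBase $sub
        if (-not (Test-Path -LiteralPath $path)) { continue }

        foreach ($key in Get-ChildItem -LiteralPath $path) {
            $clsid = $key.PSChildName
            $name  = $key.GetValue('')        # default value holds the display name

            # Resolve the CLSID to its in-process COM server DLL.
            $dll    = $null
            $inproc = "HKLM:\SOFTWARE\Classes\CLSID\$clsid\InprocServer32"
            if (Test-Path -LiteralPath $inproc) {
                $dll = (Get-Item -LiteralPath $inproc).GetValue('')
            }
            # Built-in providers often register a bare file name in System32.
            if ($dll -and -not [IO.Path]::IsPathRooted($dll)) {
                $dll = Join-Path "$env:SystemRoot\System32" $dll
            }

            $status = 'DllNotFound'
            $signer = $null
            if ($dll -and (Test-Path -LiteralPath $dll)) {
                $sig    = Get-AuthenticodeSignature -LiteralPath $dll
                $status = $sig.Status
                if ($sig.SignerCertificate) { $signer = $sig.SignerCertificate.Subject }
            }

            [pscustomobject]@{
                Type      = $sub
                Name      = $name
                Clsid     = $clsid
                Dll       = $dll
                Signature = $status
                Signer    = $signer
            }
        }
    }
}

Get-RegisteredCredentialProvider | Sort-Object Type, Name | Format-Table -AutoSize -Wrap
```

An entry that appears after the install, points at the directory chosen in the installer and shows a `Valid` signature is the expected result; comparing the output before and after installation makes the new entry easy to spot.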


3. Password Reset at the Login Prompt

Once the provider is installed, the user will see two new links at the login prompt. With these links the user can choose a self-service password reset or an account unlock.

Clicking Reset Password brings up the Password Reset wizard flow.


4. Configuring Multi-Factor Authentication

Navigate to Security->Authentication Policies and click on the Windows Login Policy.

Now you can either set up Required or Optional authentication modules. For this article we will set up SMS as a required module.

This means that the user enters their username and password as normal, and then a code sent via SMS to their mobile.

Click the Required Factors field, then select SMS Authentication.

SMS now appears in the list.

Whilst you are here you could choose to assign this authentication policy to separate Users or Roles, but we are going to leave the default option, which will apply this policy to all Active Directory Users.

Click Save to update the changes.


5. Testing MFA Authentication

On the system where you installed the Credentials Provider, now log a user on.

On the logon page you can see the logon logo. This is customizable, so you can add your own logo if preferred.

The Credentials Provider now pops up and has correctly identified that this user needs to enter another factor of authentication.

The user types in the OTP that was sent to their mobile and clicks Continue.

The user is now logged on to their Windows account.
