You can use through the Authentication policy.
1 Go to Authetication System > Authentication > Policy click Enable user authentication
2 Click on Add, after that configure the authentication policy
3 After doing the above 2 steps, the authenticated user will automatically added to the default group (you can choose to add to other group). Go to Authentication System > Local Users > Users, if the user in Users is identified as a local user, the user who is not in Users will be recognized as a new user when next time access to Internet.
4 After users completes the authentication and after binding relation exist in Users, then modify the New User Option to No authentication for new users.