Hi Thomas,
I have built an application with this feature and it works. Here is how I accomplished this feat:
1) We created a user role in the Administration module for Anonymous users. We gave these users the ability to read and write certain fields (Username, Email, etc) using the following Xpath constraint: [System.owner='[%CurrentUser%]']
2) We had a page where we created a new account. This involved them entering a password, confirming their password, entering an e-mail, and confirming their e-mail. The subsequent microflow then validated that these fields matched and the account is comitted.
At this point, you can route the user to a page where they see a message 'account created, for security please enter your login information' and present them with the standard authentication widgets to let them sign into the account they just created. If you are feeling extra fancy you can auto-login the new user by sending them to a page where you call a request hander that will perform a login. This process is more advanced, but is outlined nicely here:
https://forum.mendix.com/link/questions/14732
Hope this helps,
Rob
In one of my projects I had a non-persistent entity that the anonymous user could edit. Then I had a MF that copied the attributes (such as desired username + email address) into an Administration.Account. The password was set using the Forgot Password module to be sure that the user had validated his email address.