» 2 Factor Authentication

Two-Factor Authentication (2FA) is a great way to help prevent unauthorized users from accessing your account in the event your Chapman University account password is compromised. Chapman University's 2FA program uses the Microsoft Authenticator app which is available for Android and iOS devices.

2FA services will only be active when you are not on the main "Eduroam" network. For those using 2FA on campus you will not be required to enter any additional codes while on campus. 

For more information about 2FA services, please contact our Information Security team at Infosec@chapman.edu.

If you are interested in getting started, simply click the "2FA Sign Up" button on the right side of the page.


Toggle Section

Online Registration Video Tutorial

Frequently Asked Questions

Why 2FA?

Phishing campaigns are increasing in frequency and sophistication, and many result in staff and faculty unwittingly providing their passwords to scammers. By requiring a second factor to authenticate from untrusted machines, the likelihood of illegitimate access to your account is significantly reduced.

Do I have to approve every logon request?

No. Connections from campus are exempted from the 2FA requirement. If you connect from a personal device on an off-campus network, you have the option to trust that particular device for 30 days.

Why Microsoft Authenticator?

Microsoft is our 2FA provider, and the Authenticator app provides the added convenience of push notifications. With Authenticator, you will receive a pop-up notification on your device to approve or deny the request. For apps that do not support push notifications, you will enter a code displayed within the app after you supply your password.

Can I enroll more than one device?

Yes, you may enroll multiple devices. Each device will need to have the authenticator app installed and paired with your account through the QR code scanning method demonstrated in the video.

Is this mandatory?

Chapman is offering MFA as an opt-in service. However, it may be mandatory for those who maintain sensitive data within the services protected by 2FA. Chapman's Department of Information Security will notify those for whom 2FA is mandatory.

Do I have to provide my cell phone number?

You may use the mobile app in combination with any of the following: your office or mobile number, a personal e-mail address, or security questions. The personal e-mail address and security questions cannot be used as a second factor for authentication. Instead, they are reserved for use with self-service password resets. We recommend using the mobile app with a mobile number since both options may be used interchangeably for 2FA.

If you replace your cell phone, the mobile number may be used for 2FA requests until you activate the mobile app on your new device.

What do I do if I forget my phone?

Please contact the Service Desk for a temporary override. You will be asked to provide details to validate your identity.

When will I receive the MFA prompt?

Chapman's campus networks are exempted from 2FA. You may be prompted to verify your login if you connect to a protected service from your mobile device from an off-campus network. For example, if you connect to Dropbox from your mobile device on a cellular network, or if you login to Office 365 from your home.