Multi-factor authentication (MFA), also known as two-factor authentication (2FA) or two-step verification, is a security mechanism that requires users to provide two or more different authentication factors before they can access a system, account, or application.

These authentication factors fall into three main categories: 

  1. Something You Know: This is typically a password or PIN only the user should know.
  2. Something You Have: This involves a physical device or token that the user possesses, such as a smartphone, smart card, or hardware token.
  3. Something You Are: This factor is based on biometric information, such as fingerprints, retina scans, or facial recognition.

The idea behind multi-factor authentication is to add an extra layer of security beyond just a username and password. Here is why it is important: 

  • Enhanced Security: MFA significantly improves security because even if a malicious actor manages to obtain your password, they cannot access your account without the second factor. It adds complexity and makes unauthorized access much more difficult.
  • Protection from Password Theft: Passwords can be easily stolen through various means like phishing attacks, data breaches, or social engineering. MFA mitigates the risk of unauthorized access even if passwords are compromised.
  • Reduced Risk of Unauthorized Access: With MFA in place, even if someone guesses your password, they will still need the second factor to gain access. This makes it highly unlikely that an attacker can successfully breach your accounts.
  • Compliance Requirements: Many industries and regulations (e.g., PCI DSS for payment processing or HIPAA for healthcare) mandate the use of multi-factor authentication to protect sensitive information.
  • Remote Access Security: In an era of remote work, where employees access company resources from various locations and devices, MFA provides an additional layer of security to prevent unauthorized access to corporate systems.
  • Mitigating Phishing: Even if users fall victim to phishing attempts and unwittingly provide their passwords, MFA can thwart attackers because they will not have the second authentication factor.
  • Ease of Use: Modern MFA methods, like push notifications or fingerprint recognition on smartphones, have made multi-factor authentication more user-friendly and convenient compared to traditional methods.

To learn how to set up Multi-Factor Authentication for your Chapman University account, visit Chapman University’s 2-Factor Authentication page.

If you receive a suspicious email in your Chapman account, do not click on any link or reply to the sender. Instead, please continue to report any malicious message by forwarding it as an attachment to To see the latest trending scams, please visit

Stay vigilant, stay safe!  

Chapman University Information Systems & Technology (IS&T) 


For each of the four weeks of Cybersecurity Awareness month, we will have a weekly “challenge” to earn cool prizes! Anyone who completes the weekly challenge will be entered into the raffle for that prize.


  • The winner will be randomly selected each week.
  • The winners must be Chapman staff/faculty/students, and submissions will only be accepted from their Chapman email address.
  • Only responses submitted from a Chapman University Email address are accepted.

How to win:

  1. Complete the week’s challenge and take a screenshot of your final score.
  2. Email and include some confirmation of completion (screenshot, print screen, your answers)
  3. Use the following subject line: “CSAM – Week 1.”

Week 1: Kahootclick on the link, enter your name, and click ‘OK, go!’


  • 1st prize: Anker Portable Charger
  • 2nd prize: Moon Lamp
  • 3rd prize: T-shirt (limited sizes)

That’s it! We hope to hear from all of you, and good luck!