Multi-Factor Authentication (MFA)

The University has begun rolling out MFA as an additional security measure to further protect the information we keep from cyber threats and unauthorised access. The University has an obligation to keep your data and privacy safe and secure. This now includes using MFA to help protect us from criminals trying to log-in as you, and gain access to both your, and other peoples’ information.

What is MFA?

Multi-Factor Authentication is a more sophisticated log-in method than the traditional ID and passwords we have used in the past. Passwords have the flaw that they may be ‘phished’, guessed or cracked by tireless combinations sent from computer to computer.

MFA is becoming commonplace in Universities, Colleges and Schools, and you may have already used MFA to access services such as personal online banking, websites, or email.

MFA can also sometimes be referred to as 2FA (Two Factor Authentication) or 2SV (2-Step Verification, each have the same meaning).

During the sign-in process to websites or applications, MFA will ask you to provide additional information to confirm your identity. An example could be an App on your mobile phone which will notify, and subsequently ask you to verify your sign-in request. Another example could be text message containing a ‘One Time Passcode’ for you to use to verify your identity.

The University has an obligation to take appropriate measures to ensure the security of your network account, and the wider University network. Due to the continuous presence of online threats, MFA will be rolled out with the aim to improve the security of your network account, which will heavily reduce the risk of unauthorised access to your information and University data.

Setting up MFA:

Enrolling for MFA involves completing some details, and downloading an App for your mobile phone.  Most people choose the App, as this can be set to pop up a message when you try to log in, which can be verified in various ways including using the finger print recognition that is embedded in smartphones, or alternatively their text, or email capabilities.  

To set up MFA, please visit the following page:

Currently, Chichester is rolling out MFA to staff. This is because Staff may have access to students, and other staff’s data.

Other Universities have rolled out MFA to Students, and Chichester is considering how Students might have their more sensitive access (even to their own data) secured by MFA.

How does MFA work?

MFA removes the reliance on a remembered password as the only way to prevent unauthorised access, and because the criminal would have to know both your password, and have access to either your mobile phone, or your alternative email address, is far harder to compromise.  

The way MFA will work will depend on your role at the University. For example, those people with access to more sensitive information may be required to authenticate more frequently, especially if they are logging in using a personal device, or when off campus.

Generally, on campus, a University PC, Laptop or mobile phone will not ask for an MFA log-in.  

The IT team will soon be publishing guidance and an FAQ relevant to students, staff and other account types.

If you have any questions about MFA, please get in touch with the Support and Information Zone (SIZ) using help@chi.ac.uk or by phone on 01243816000