Key Takeaways
- OpenAI’s Advanced Account Security replaces password‑based login for ChatGPT and Codex with passkeys or physical security keys.
- Enrollment disables email/SMS recovery; only backup passkeys, security keys, or user‑held recovery keys can restore access, and OpenAI Support cannot assist.
- Sign‑in sessions are shortened to limit the window of exposure if a device or active session is compromised.
- Conversations from secured accounts are automatically excluded from model training, giving privacy‑conscious users a hands‑off opt‑out.
- OpenAI has partnered with Yubico to offer a discounted YubiKey bundle, but any FIDO‑compliant key or software passkey works.
- Starting June 1, 2026, members of the Trusted Access for Cyber program must enable the setting (or attest to equivalent phishing‑resistant SSO).
- The feature aligns ChatGPT/Codex with industry‑wide phishing‑resistant standards (FIDO2/WebAuthn) already used by Google, Microsoft, GitHub, and others.
Introduction and Purpose
OpenAI has rolled out Advanced Account Security, an opt‑in hardening measure designed to protect ChatGPT and Codex accounts from credential‑theft attacks. By eliminating traditional password sign‑in and relying solely on passkeys or hardware security keys, the service moves toward a phishing‑resistant authentication model that mirrors protections already in place at major tech platforms. The initiative targets journalists, elected officials, researchers, political dissidents, and any users who handle sensitive information and require stronger guarantees that their accounts cannot be compromised via credential phishing, SIM‑swapping, or email account takeover.
How Advanced Account Security Works
When a user enables the setting, OpenAI removes the password login pathway entirely. Authentication must be performed with either a passkey (a credential held on the user's device or in a synced password manager) or a FIDO‑compliant security key such as a YubiKey. The system uses the WebAuthn and FIDO2 standards: the private key never leaves the authenticator, and each login is a cryptographic challenge‑response bound to the site's origin, so a signed response cannot be replayed and is of no use to anyone who intercepts it. This architecture eliminates the shared secret that passwords represent, rendering credential‑stuffing and phishing attempts ineffective.
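The challenge‑response described above, written out as an added example (not OpenAI's code or any FIDO library) in Go with only the standard library: the relying party issues a random challenge, the authenticator signs it together with the origin the browser observed and the relying‑party ID, and the server accepts nothing that fails any of those bindings. The rpId `chatgpt.example` and the origins used in it are placeholders, and the real protocol adds flags, a signature counter and attestation that are omitted here.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
)

// Assertion is one signed login response: ClientData is JSON {"challenge","origin"} as the browser saw them.
type Assertion struct{ ClientData, Signature []byte }
// Authenticator stands in for a passkey or security key: the private key never leaves it.
type Authenticator struct{ key *ecdsa.PrivateKey }
// RelyingParty is the server; after enrollment it holds only the public key for its rpId/origin (placeholders).
type RelyingParty struct{ ID, Origin string; PubKey *ecdsa.PublicKey }

// Enroll mints a credential and registers just its public key with the relying party.
func Enroll(rpID, origin string) (*Authenticator, *RelyingParty) {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return &Authenticator{k}, &RelyingParty{ID: rpID, Origin: origin, PubKey: &k.PublicKey}
}

// digest is the value actually signed: sha256(sha256(rpId) || sha256(clientData)).
func digest(rpID string, cd []byte) []byte {
	rpHash, cdHash := sha256.Sum256([]byte(rpID)), sha256.Sum256(cd)
	d := sha256.Sum256(append(rpHash[:], cdHash[:]...))
	return d[:]
}

// Sign answers a challenge, binding it to the origin the browser saw and to the rpId.
func (a *Authenticator) Sign(rpID, origin, challenge string) Assertion {
	cd, _ := json.Marshal(map[string]string{"challenge": challenge, "origin": origin})
	sig, _ := ecdsa.SignASN1(rand.Reader, a.key, digest(rpID, cd)) // ECDSA P-256 over the digest
	return Assertion{cd, sig}
}

// Verify accepts only a signed answer to the challenge this server issued, for its own origin and rpId.
func (rp *RelyingParty) Verify(issued string, as Assertion) error {
	var cd map[string]string
	switch {
	case json.Unmarshal(as.ClientData, &cd) != nil || cd["challenge"] != issued:
		return errors.New("challenge missing or mismatched: stale or replayed assertion")
	case cd["origin"] != rp.Origin:
		return errors.New("origin mismatch: signed on a different site")
	case !ecdsa.VerifyASN1(rp.PubKey, digest(rp.ID, as.ClientData), as.Signature):
		return errors.New("invalid signature: wrong key or wrong rpId")
	}
	return nil
}
```

A genuine login passes all three checks; an assertion signed for an old challenge, signed on a look‑alike origin, or produced by a key that was never enrolled is rejected with a distinct error.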
Enrollment Process and Recovery Limitations
To enroll, a user navigates to the account security settings, selects Advanced Account Security, and registers one or more passkeys or security keys. Upon successful enrollment, password login is disabled, and the email and SMS account recovery routes are removed. Recovery is then limited to backup passkeys, additional security keys, or a user‑generated recovery key that must be safeguarded offline. Importantly, OpenAI Support will not be able to reset or recover access for accounts under this setting; the responsibility for maintaining backup credentials rests solely with the account holder. This design reduces the attack surface but places a higher operational burden on users to avoid lockout.
Session Management and Cross‑Product Coverage
Advanced Account Security also enforces shorter sign‑in session lifetimes. Active sessions expire more quickly than under the default configuration, limiting the time window during which a compromised device could be abused. The setting applies uniformly to both ChatGPT and Codex, meaning a single enrollment covers access to both products under a shared authentication state. Consequently, a user who secures their ChatGPT login automatically gains the same protection when using Codex, simplifying policy enforcement for individuals who work across the two services.
Impact on Model Training and Data Privacy
A notable privacy benefit accompanies the security upgrade: conversations from accounts with Advanced Account Security enabled are automatically excluded from model training. By default, keeping conversations out of training requires users to toggle a preference manually; the new setting removes that step, ensuring that any input entered while the hardened authentication is active never contributes to the improvement of OpenAI’s models. This is especially valuable for professionals handling confidential or proprietary information who want assurance that their prompts will not be retained or repurposed without explicit consent.
Yubico Partnership and FIDO Compatibility
To facilitate adoption, OpenAI has partnered with Yubico to offer a discounted bundle of two YubiKeys tailored to the new workflow. The bundle includes the YubiKey C Nano, intended to stay plugged into a laptop for everyday use, and the YubiKey C NFC, which provides backup capability and mobile‑device compatibility via NFC. However, the setting is vendor‑agnostic; any FIDO2‑compliant security key or software‑based passkey (such as those built into modern operating systems or password managers) satisfies the requirement. This openness aligns OpenAI with the broader ecosystem that already relies on FIDO standards for phishing‑resistant authentication at Google, Microsoft, GitHub, and numerous enterprise providers.
Mandatory Enrollment for Trusted Access for Cyber and Enterprise Alternatives
OpenAI has announced that, beginning June 1, 2026, all individual members of the Trusted Access for Cyber program—those granted access to the company’s most capable and permissive models—will be required to enable Advanced Account Security. Organizations that provide trusted access can alternatively attest that they employ phishing‑resistant authentication as part of their single sign‑on (SSO) workflow, thereby satisfying the requirement without forcing each user to enable the setting individually. This policy underscores OpenAI’s commitment to raising the security posture of high‑risk users while offering flexibility for enterprises that already maintain mature identity‑and‑access‑management controls.
Conclusion and Outlook
The introduction of Advanced Account Security marks a significant step forward in safeguarding ChatGPT and Codex accounts against credential‑based threats. By mandating passkey or hardware key authentication, removing fallback recovery vectors, shortening session lifetimes, and automatically excluding interactions from model training, OpenAI addresses both security and privacy concerns voiced by high‑profile users. The partnership with Yubico and the adherence to open FIDO2/WebAuthn standards ensure compatibility with existing security infrastructures, while the forthcoming mandatory requirement for Trusted Access for Cyber participants signals a broader industry shift toward phishing‑resistant authentication. As threats continue to evolve, such measures will be essential for maintaining trust in AI platforms that handle increasingly sensitive and valuable data.