OpenAI Rolls Out Advanced Security for ChatGPT Accounts

OpenAI has announced a new account security feature for ChatGPT users at increased risk of targeted hacking attacks, and those who want extra account protection.

Named Advanced Account Security, the new opt-in feature is recommended for journalists, researchers, political dissidents, elected officials, and others who use ChatGPT for sensitive personal and professional tasks.

Advanced Account Security, which also protects users of OpenAI’s Codex vulnerability scanner, focuses on four key areas.

When enabled, the feature strengthens sign-in protection by disabling password-based login and requiring physical security keys or passkeys. Users can choose any security key, but OpenAI has partnered with Yubico to offer YubiKey devices at a discount.

The new security feature also covers account recovery, replacing less secure email- and SMS-based recovery with backup passkeys, recovery keys, and security keys. However, OpenAI pointed out that once these account recovery options are enabled, its support team will be unable to assist users with account recovery. 

Advanced Account Security also shortens sign-in sessions to reduce the risk of account takeover in the event of a session or device compromise. Users will also be alerted about logins and given the ability to manage active sessions.

Users who sign up for the new account security feature will also benefit from automatic training exclusion — their conversations will not be used to train AI models. 

OpenAI has set up a dedicated page for enrolling in Advanced Account Security. 

Related: OpenAI Widens Access to Cybersecurity Model After Anthropic’s Mythos Reveal

Related: Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

Related: OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

Related: OpenAI Launches Bug Bounty Program for Abuse and Safety Risks