OpenAI has introduced a new “Advanced Account Security” feature for ChatGPT, aimed at providing stronger protection against account takeovers and phishing attacks. The feature is designed as an optional setting, particularly targeted at users who may be at higher risk of cyberattacks, such as researchers, journalists, and enterprise users handling sensitive information.
The new security layer replaces traditional password-based logins with more secure authentication methods such as passkeys and physical security keys. Once enabled, users must rely on these stronger authentication mechanisms, significantly reducing the risk of credential theft and unauthorized access.
In addition to stronger login controls, the feature introduces stricter account recovery processes. Email and SMS-based recovery options are limited or disabled, ensuring that attackers cannot exploit weaker recovery channels. Users are also provided with enhanced visibility into account activity, including alerts for new logins and session monitoring tools.
OpenAI has partnered with security company Yubico to support the rollout, offering hardware-based authentication solutions such as YubiKeys. This collaboration highlights a growing industry shift toward phishing-resistant authentication systems as cyber threats become more sophisticated.
The move reflects increasing concerns around the security of AI platforms, as users rely on tools like ChatGPT for more sensitive and high-stakes tasks. By introducing advanced security measures, OpenAI is aiming to strengthen trust, protect user data, and ensure safer adoption of AI technologies in both personal and enterprise environments.
