Overview
- OpenAI, which launched the opt-in Advanced Account Security on Thursday, now lets ChatGPT and Codex users replace passwords with passkeys or physical security keys.
- The feature disables passwords and requires a passkey or two hardware keys for sign-in to reduce phishing risk.
- Email and SMS recovery are removed, and if users lose their keys or passkeys, OpenAI support cannot restore access.
- Enrolled accounts get shorter sessions and login alerts, and their chats are excluded from model training by default.
- OpenAI partnered with Yubico on a discounted two-key bundle, and members of its Trusted Access for Cyber program must enable the setting or attest by June 1, 2026.