Overview
- OpenAI rolled out an opt-in account setting that replaces passwords with passkeys or physical FIDO security keys for ChatGPT and Codex.
- Enrolling disables password login and removes email or SMS recovery, leaving backup passkeys, hardware keys, or a recovery key as the only way back in, with no support-driven restore.
- Sign-in sessions are shorter to limit exposure from a stolen or hijacked device, and users get login alerts with controls to end active sessions.
- Accounts with the setting enabled are automatically excluded from OpenAI’s model training, easing privacy concerns for people who handle sensitive work.
- Starting June 1, individual members of OpenAI’s Trusted Access for Cyber who use its most permissive models must enable the feature or attest to phishing-resistant single sign-on.