What happened
OpenAI introduced Advanced Account Security, an opt-in protection bundle for ChatGPT and Codex accounts requiring passkeys or physical security keys while disabling password-based login. The feature targets high-risk users including journalists, elected officials, and researchers, and includes shortened sessions, restricted account recovery, and automatic training data exclusion.
Why it matters
ChatGPT accounts increasingly hold sensitive personal and professional context, with 900 million weekly active users and confirmed credential-theft campaigns circulating online. The partnership with Yubico offering discounted security key bundles (two YubiKeys for $68, down from $126) aims to make phishing-resistant authentication accessible at scale, addressing the growing threat surface as AI accounts become central to connected workflows.
Applicability
Relevant for enterprises with high-value ChatGPT usage (legal, healthcare, finance), security-conscious organizations deploying Codex, and any consultancy advising clients on AI account security posture. Note the tradeoff: OpenAI Support cannot assist with account recovery for enrolled users, placing full responsibility on hardware key management.