OpenAI launched Advanced Account Security, an opt-in protection system targeting journalists, officials, and security-conscious users facing elevated digital attack risks.

The new security tier requires passkeys or physical security keys while completely disabling password-based login. Users also lose email and SMS account recovery options, relying instead on backup passkeys, security keys, and recovery keys.

Advanced Account Security applies to both ChatGPT and Codex accounts accessed through the same login. Sessions are shortened to reduce exposure windows if devices become compromised, and conversations automatically exclude from model training.

Partnership with Yubico expands hardware access

OpenAI partnered with Yubico to offer preferred pricing on customized security key bundles. The package includes a YubiKey C Nano for laptops and a YubiKey C NFC for backup across multiple devices.

The hardware bundle launches alongside Advanced Account Security but will expand to all eligible users through web security settings. Users can alternatively use any FIDO-compliant security key or software-based passkeys.

OpenAI warns that increased protection comes with increased responsibility. The company's support team cannot assist with account recovery for Advanced Account Security users, making backup authentication methods critical.

Mandatory adoption for cyber defenders

Starting June 1, 2026, individual Trusted Access for Cyber members accessing OpenAI's most capable models must enable Advanced Account Security. Organizations can alternatively attest to having phishing-resistant authentication in their single sign-on workflows.

The launch reflects OpenAI's broader cybersecurity action plan to protect communities and critical systems. The company positions itself as core AI infrastructure serving consumers, businesses, and developers building on its APIs.

OpenAI plans to extend Advanced Account Security to additional audiences, including enterprise environments where stronger account protections carry similar importance. The feature is available immediately through ChatGPT web security settings.