OpenAI Introduces Advanced Security Feature to Strengthen ChatGPT Accounts
New optional security setting adds stronger login protection, limits phishing risks and enhances privacy while giving users more control over account activity and recovery options across ChatGPT and related services
In a step aimed at tightening user protection, OpenAI has rolled out a new feature designed to make accounts on ChatGPT significantly harder to compromise. The feature, called Advanced Account Security, is being offered as an optional setting for users who want stronger safeguards against hacking and phishing attempts.
Unlike traditional security updates that work in the background, this feature requires users to actively enable it from their account settings. Once turned on, it introduces stricter login rules and removes some commonly used but less secure recovery methods.
One of the most noticeable changes comes in the way users sign in. Passwords are no longer accepted under this mode. Instead, users must rely on passkeys or physical security keys, which are considered far more resistant to phishing attacks. These methods prevent attackers from stealing login credentials through fake websites or deceptive links.
Account recovery has also been reworked. Previously, users could regain access through email or SMS verification. With this feature enabled, recovery depends on backup passkeys or dedicated recovery keys. This shift increases security but also places more responsibility on users to safely store their credentials. Losing these keys could result in permanent loss of account access, as even support teams may not be able to restore it.
The system also focuses on limiting risks from active sessions. Sessions expire more quickly, and users receive alerts if a new login is detected. Additionally, there is improved visibility into all devices where the account is currently active, allowing users to monitor and manage access more effectively.
Another important aspect is privacy. When Advanced Account Security is enabled, user conversations are excluded from being used to train AI models. This is particularly useful for individuals handling sensitive or confidential information.
To further strengthen the ecosystem, OpenAI has partnered with Yubico, enabling support for hardware based authentication tools such as security keys. These devices add an extra physical layer of protection during login.
Enabling the feature is straightforward. Users can access their account settings on the web, navigate to the security section, and activate Advanced Account Security. From there, they can set up passkeys or connect a compatible security key.
While the feature is currently optional, it may soon become mandatory for certain high risk users. Reports indicate that stricter enforcement could begin from June 2026 for accounts that require enhanced protection.
This move reflects a broader shift in the tech industry, where companies are gradually moving away from passwords and toward more secure authentication systems. For everyday users, it serves as a timely reminder that stronger security often requires a few extra steps but can significantly reduce digital risks.
