News · OpenAI ties ChatGPT and Codex account security to hardware keys, with no support-based recovery
OpenAI ties ChatGPT and Codex account security to hardware keys, with no support-based recovery
Advanced Account Security is an opt-in setting that trades convenience for phishing-resistant sign-in — and makes users, not OpenAI Support, responsible for getting back in.
What the opt-in setting actually changes
Advanced Account Security is a single toggle in the Security section of a ChatGPT account that bundles four distinct changes. It applies to both ChatGPT and Codex accessed through the same login.
First, sign-in shifts to passkeys or physical security keys and password-based login is disabled outright. Second, account recovery loses its two most commonly abused paths: email and SMS recovery are turned off, replaced by backup passkeys, security keys, and recovery keys. Third, sessions are shortened, login alerts are sent, and users get a view of active sessions across devices. Fourth, conversations from enrolled accounts are automatically excluded from model training.
Each of these is a known enterprise security control. What's notable is that OpenAI has packaged them as a named tier for individuals and made training exclusion a property of the security setting rather than a separate privacy preference.
The recovery tradeoff is the real design decision
The most consequential line in the announcement is about what happens when things go wrong. By removing email and SMS recovery, OpenAI also removes its own ability to help.
Because account recovery is restricted to these more secure methods, OpenAI Support will not be able to assist with account recovery for users enrolled in Advanced Account Security.Montana Labs
This is the threat model made explicit: the same human support path that could rescue a locked-out user is also the path an attacker uses for account takeover. OpenAI frames it as increased protection coming with increased responsibility, and lists the intended audience — journalists, elected officials, political dissidents, researchers — as people for whom that tradeoff is worth it. For everyone else, losing all their backup keys means losing the account.
The Yubico bundle lowers the hardware barrier
Phishing-resistant authentication only works if people actually own the hardware. OpenAI's answer is a partnership with Yubico offering preferred pricing on a specific two-key bundle: a YubiKey C Nano meant to stay in a laptop for daily use, and a YubiKey C NFC as backup and for mobile.
The bundle isn't gated behind the security tier — OpenAI says it will be available to all eligible users in their settings, and any FIDO-compliant key or software passkey works instead. That decoupling matters: it treats key ownership as a distribution problem to solve broadly, not a perk reserved for the highest-risk users.
Trusted Access for Cyber turns the option into a requirement
For most users this is opt-in. For one group it isn't. Individual members of the Trusted Access for Cyber program — those reaching OpenAI's most cyber-capable and permissive models — must enable Advanced Account Security beginning June 1, 2026. Organizations can instead attest that their single sign-on already enforces phishing-resistant authentication.
That coupling is the more interesting policy move. Access to more permissive models is being conditioned on account hardening. If your account can pull dual-use cyber capability, OpenAI wants proof the account can't be trivially taken over. Enterprise environments are named as the next audience for this same logic.
What this signals for teams building on OpenAI accounts
An OpenAI account is no longer just a login; the announcement describes it as sitting at the center of connected tools and workflows, with Codex access flowing through it. Securing the account now means securing a credential that can reach code and connected systems.
For teams that depend on ChatGPT or Codex operationally, the practical takeaway is to plan around the recovery model before enrolling anyone. Passwordless, support-free recovery is the right posture for high-value accounts, but it requires disciplined key custody — spare keys stored, recovery keys secured, offboarding handled — because the fallback that normally saves an account is intentionally gone.
Find this story relevant to you?
Contact us to find a unique solution
Need an AI engineering partner that can actually build?
We help businesses integrate AI, build AI-powered products, automate high-value workflows, and modernize the software systems behind them.
Related reading
More analysis around product delivery, operational AI, and the systems work that makes deployment hold up in reality.