OpenAI Launches “Advanced Account Security” to Shield High-Risk ChatGPT and Codex Users
In a move to eliminate common vulnerabilities, OpenAI is disabling email and SMS-based account recovery for those enrolled in the program.
RMN Digital AI Desk
New Delhi | May 1, 2026
SAN FRANCISCO — OpenAI announced the launch of Advanced Account Security on April 30, 2026, a new suite of opt-in protections designed to safeguard ChatGPT and Codex accounts against sophisticated digital attacks. The initiative arrives as AI becomes increasingly integrated into personal and professional workflows, heightening the stakes for securing sensitive data.
Fortifying the Digital Front Door
The new security tier is specifically tailored for individuals at elevated risk of account takeover, such as journalists, elected officials, researchers, and political dissidents. By enrolling, users activate a series of stringent measures designed to make unauthorized access significantly more difficult.
Key technical changes include the requirement of passkeys or physical security keys for signing in, while traditional password-based logins are completely disabled to ensure a phishing-resistant environment. Additionally, sign-in sessions have been shortened to limit exposure from compromised devices, and users will now receive instant alerts for any new account logins.
Phishing-Resistant Recovery and User Responsibility
In a move to eliminate common vulnerabilities, OpenAI is disabling email and SMS-based account recovery for those enrolled in the program. Because attackers often exploit compromised phone numbers or email accounts to hijack secondary services, Advanced Account Security mandates the use of backup passkeys or physical recovery keys instead.
OpenAI issued a clear warning regarding this transition: the heightened protection comes with increased user responsibility. Because recovery is restricted to these secure, user-controlled methods, OpenAI Support will be unable to assist in recovering accounts for users who lose their keys.
Automatic Privacy and Hardware Partnerships
Beyond access control, the program offers a major privacy benefit: automatic exclusion from model training. While standard users must typically opt out, conversations from accounts with Advanced Account Security enabled will not be used to train OpenAI’s models by default.
To encourage adoption, OpenAI has partnered with Yubico to offer preferred pricing on security key bundles, including the YubiKey C Nano and YubiKey C NFC. While the advanced security suite is opt-in for most, OpenAI will require its use for members of the “Trusted Access for Cyber” program starting June 1, 2026, to ensure that those defending critical systems are using the strongest possible protections.
A Vision for Secure Infrastructure
“As AI becomes increasingly embedded in our lives, it is more important than ever to ensure that users have the controls they need to help protect their privacy and security,” the company stated in its announcement.
OpenAI indicated that these features are a foundational step in its broader cybersecurity action plan, with plans to eventually extend these enhanced safeguards to enterprise environments. Users interested in the new protections can enroll through the Security section of their ChatGPT accounts on the web starting today.
