OpenAI introduces Advanced Account Security for passkeys and recovery keys
OpenAI added an opt-in Advanced Account Security mode that requires passkeys or security keys, tightens recovery, and shortens sessions.
Passed source freshness, duplicate, QA, and review checks before publishing. Main source freshness limit: 14 days.
- Source count
- 1
- Primary sources
- 1
- QA status
- pass
Plain English
What this means in simple words
It’s a lock-down mode for your ChatGPT account: you sign in with passkeys or hardware keys, and recovery becomes stricter.
What happened
On April 30, 2026, OpenAI announced Advanced Account Security for ChatGPT logins, requiring passkeys or security keys and tightening recovery and session protections; the setting also applies to Codex.
Why it matters
As ChatGPT accounts store sensitive context and connect to tools, account takeovers become higher impact. Phishing-resistant sign-in can reduce risk, but stricter recovery raises the cost of losing keys.
Key points
- Requires passkeys or security keys and disables password-based login.
- Adds recovery keys and tighter account recovery rules.
- Shortens active sessions and adds more visibility into account activity.
What to watch
Watch how availability expands to workspace and enterprise setups, and how users balance stronger protection with tougher recovery.
Key terms
- Passkey
- A phishing-resistant sign-in method based on public-key cryptography, often stored in a device’s secure hardware.
- Account takeover (ATO)
- When an attacker gains control of an account through phishing, credential theft, or session hijacking.
Sources
Source dates are original publication dates. The posted date above is when The AI Tea published this explanation.
- Introducing Advanced Account Security OpenAI · Product security update · Original source Apr 30, 2026 · Source age 7 days Primary