OpenAI announces fresh advanced security for ChatGPT accounts, including a partnership with Yubico

OpenAI takes account security seriously.

The company started operations on Thursday Advanced account security (AAS), a set of optional security features for ChatGPT users, designed for high-value individuals – but available to anyone who wants it.

Under this fresh program, digital security provider Yubico announced has partnered with OpenAI to connect two fresh security key products to ChatGPT accounts. The company said the partnership was aimed at protecting users from the threat of phishing, which is believed to be a growing threat to chatbot users.

The two companies are releasing a pair of “co-branded” YubiKeys – called YubiKey C NFC and YubiKey C Nano.

OpenAI suggested that AAS is a good fit for political dissidents, journalists, researchers and elected officials – people who engage in politically charged and risky work. You can assume that this might make sense for enterprise users whose corporate secrets are buried in ChatGPT sessions.

“Ultimately, our intention is to dramatically reduce the threat of unauthorized access to sensitive data in OpenAI accounts around the world,” Yubico CEO Jerrod Chong said in a press release announcing the deal.

Security keys are petite pieces of hardware that can be linked to digital accounts and activated through your computer’s USB ports. The key contains a unique cryptographic identifier, thanks to which only the person who has it can log in to the connected account.

If the threat of compromised ChatGPT accounts may seem a bit abstract, it exists a growing body of literature showing that dishonest actors are increasingly targeting chatbot users. Cybercriminals are always on the lookout for information that could be phished, and given the intimate nature of most chatbot conversations, there is plenty of material for both corporate and private users to exploit.

Digital security is also becoming an increasing focus of the artificial intelligence industry. A few weeks ago, Anthropic announced a fresh cybersecurity model called Mythos. Perhaps looking to steal some of its competition’s thunder, OpenAI has also made a number of digital security-related announcements. Thursday’s news of Yubico’s partnership came on the heels of OpenAI’s news announcement that it introduces a fresh framework for digital defense.

Of course, an account with a security key enabled provides stronger protection, but it comes with a trade-off: if the key is lost, OpenAI will not be able to assist you regain access. In practice, this means that conversations may be lost forever.