Top Highlights
- OpenAI introduces Advanced Account Security, requiring physical security keys and eliminating traditional recovery methods to boost protection against hacking.
- The new feature restricts password use, replacing them with passkeys and security keys, making phishing and social engineering attacks much harder.
- Support for account recovery through OpenAI is removed, preventing attackers from exploiting support channels to access accounts.
- Starting June 1, cybersecurity professionals in OpenAI’s Trusted Access program must enable this security or prove they use enterprise-level, phishing-resistant authentication.
New Security Features for High-Risk Accounts
OpenAI recently introduced an “Advanced Account Security” option to protect users who face targeted threats. This new feature adds extra layers of protection, making it harder for attackers to hijack accounts. Unlike basic passwords, users need two physical security keys or passkeys. This change aims to prevent common attacks like phishing. Because more people use AI for personal and important work, stronger safeguards are necessary. The feature is especially useful for journalists, researchers, and political figures who handle sensitive data. OpenAI says this move is part of its plan to improve cybersecurity for all AI users.
How the New Security System Works
Once users turn on Advanced Account Security, they cannot use regular passwords or contact support for help with account recovery. Instead, they must use backup keys or physical security keys, reducing the risk of social engineering. The system also stops emails and SMS texts for recovery, making it more difficult for hackers to take over accounts. Additionally, the security setup shortens login sessions and sends alerts when someone logs in. Users can review active sessions through the dashboard, giving them more control. OpenAI has partnered with Yubico to offer affordable security key bundles, making it easier to adopt these protections.
Adoption and Broader Impact
OpenAI’s new security measures reflect a growing need for stronger account protections in AI services. While this is a positive step, users need to understand the sacrifices involved. For example, Advanced Account Security disables support-based recovery, which can be inconvenient if users lose their keys. However, the benefits outweigh the drawbacks for high-risk users. Moreover, cybersecurity professionals in OpenAI’s Trusted Access program must use these protections or prove they have similar security measures in place. Overall, wider adoption of such security features can help build trust and keep user data safe as AI tools become more integrated into daily life.
Continue Your Tech Journey
Explore the future of technology with our detailed insights on Artificial Intelligence.
Explore past and present digital transformations on the Internet Archive.
AITechV1
