OpenAI announces new advanced security for ChatGPT accounts, including partnership with Yubico

OpenAI takes account security seriously.

The company launched Advanced Account Security (AAS) on Thursday. This is an opt-in protection set for ChatGPT users designed for high-value individuals, but available to anyone who wants it.

As part of its new program, digital security provider Yubico announced that it is partnering with OpenAI to link two new security key products to ChatGPT accounts. The company said the partnership aims to protect users from phishing, which is considered a growing threat to chatbot users.

The two companies will release a pair of “co-branded” YubiKeys called the YubiKey C NFC and YubiKey C Nano.

OpenAI suggests that AAS is suitable for dissidents, journalists, researchers, and elected officials – people who work in politically responsible and dangerous jobs. One might wonder if that makes sense for corporate users whose ChatGPT sessions are exposing trade secrets.

“Ultimately, our goal is to significantly reduce the threat of unauthorized access to sensitive data in OpenAI accounts around the world,” Yubico CEO Jerrod Chong said in a press release announcing the deal.

A security key is a small piece of hardware that is associated with your digital account and can be authenticated through your computer’s USB port. The key stores a unique cryptographic identifier that only the person who owns it can log into the connected account.

While the threat of phished ChatGPT accounts may seem somewhat abstract, there is a growing body of literature showing that malicious actors are increasingly targeting chatbot users. Cybercriminals are always on the lookout for information worthy of extortion, and given the intimate nature of most chatbot conversations, bait is plentiful for both corporate and personal users.

Digital security is also becoming a big focus for the AI ​​industry. A few weeks ago, Anthropic announced a new cybersecurity model called Mythos. Perhaps trying to steal privileges from its competitors, OpenAI has also made a number of announcements related to digital security. Thursday’s news of the Yubico partnership follows OpenAI’s announcement to launch a new framework for digital defense.

Of course, security key-enabled accounts offer greater protection, but they come with tradeoffs. If the key is lost, OpenAI will be unable to regain access. In practice, this means that the conversation may be lost forever.