HeadlinesBriefing favicon HeadlinesBriefing.com

OpenAI Mandates Passkeys for Cyber Access

Hacker News •
×

OpenAI is implementing a new security measure, requiring all individual members of Trusted Access for Cyber (TAC) to use hardware-backed passkeys for logging into ChatGPT accounts. This mandate, effective September 1, aims to enhance account protection against sophisticated phishing and social engineering attacks, ensuring advanced AI capabilities remain secure.

This move signifies a shift towards stronger identity and authenticator assurance, moving beyond vulnerable software-based controls and legacy multi-factor authentication. By mandating phishing-resistant, hardware-backed credentials, OpenAI aims to make accounts significantly harder for threat actors to exploit, disrupting the ecosystem of compromised accounts.

TAC members can transition to this enhanced security through OpenAI’s Advanced Account Security program. This partnership with Yubico offers a custom 2-pack of Yubi Keys at preferred pricing, including models like the Yubi Key C NFC for mobile use and the Yubi Key C Nano for laptops. This offers a seamless, passwordless experience and aligns with OpenAI's internal security practices.