ChatGPT Gets a Security Upgrade – Here’s How to Opt In
▼ Summary
– ChatGPT’s new Advanced Account Security feature requires users to sign in with a passkey or security key.
– The feature disables email and SMS authentication for account recovery, requiring backup keys instead.
– Active login sessions are shortened to reduce the risk of account hijacking.
– AI training on user conversations is automatically disabled by default under this feature.
– The feature is currently available to free and paid individual users, with plans to expand to enterprise customers.
Whether you rely on ChatGPT for work or personal use, your conversations likely contain sensitive details you wouldn’t want exposed. A strong password and two-factor authentication are good starting points, but a new feature called Advanced Account Security takes protection much further. Now available to individual ChatGPT users, this opt-in tool is designed to lock down your account and keep your data safe from unauthorized access.
While the feature is especially tailored for high-risk users like journalists, political dissidents, elected officials, and researchers, any ChatGPT user can enable it to bolster defenses against account takeovers and other threats. The suite includes four distinct settings that address different vulnerabilities. First, you’ll be required to sign in using a passkey or physical security key, effectively rendering your old password useless. Second, account recovery methods are strengthened by disabling vulnerable options like email or SMS authentication, pushing you toward backup passkeys, security keys, or recovery keys instead. Third, your active login session time is shortened, forcing more frequent re-authentication and reducing the window for hijacking. Finally, AI training on your chats is automatically disabled, so your conversations won’t be used to improve OpenAI’s models without your explicit consent.
Getting started is straightforward. Visit the enrollment page, sign in, and click the Enroll button. You’ll then configure your preferred authentication methods. OpenAI recommends using a security key and has partnered with Yubico to offer a discounted bundle of two YubiKeys for $68, though any compatible key works. You can also use a passkey if you prefer. During setup, you’ll be prompted to save automatically generated recovery keys. Once activated, you’ll need to log in again with your new credentials before accessing the chat interface.
For users of Codex, the feature also extends protection to your code development and fine-tuning projects. Currently, Advanced Account Security is available only for free and paid individual accounts, but OpenAI plans to expand it to enterprise environments in the future. As the company stated in its announcement, “Privacy and security are foundational to how we build all of our products, and we’ll continue investing in protections that give people more control and stronger safeguards over time.” This upgrade represents a significant step toward giving users more granular control over their account security and data privacy.
(Source: ZDNet)
