OpenAI announces new advanced security for ChatGPT accounts, including a partnership with Yubico

OpenAI is getting serious about account security.

The company on Thursday launched Advanced Account Security (AAS), a suite of subscription protections for ChatGPT users designed for high-net-worth individuals — but available to anyone who wants them.

As part of this new program, digital security company Yubico announced that it has partnered with OpenAI to connect two key new security products to ChatGPT accounts. The company said the partnership aims to protect users from the threat of phishing, which is a growing threat to chatbot users.

The two companies are launching a pair of “co-branded” YubiKeys – dubbed the YubiKey C NFC and YubiKey C Nano.

OpenAI suggested that AAS is well-suited for political dissidents, journalists, researchers, and elected officials — people who engage in politically charged and risky actions. One might assume that this might make sense for enterprise users, whose company secrets are saved in ChatGPT sessions.

“Ultimately, our goal is to significantly reduce the risk of unauthorized access to sensitive data in OpenAI accounts around the world,” Jerrod Chung, CEO of Yubico, said in a press release announcing the deal.

Security keys are small pieces of hardware that can be linked to digital accounts and operated through a computer’s USB ports. There is a unique cryptographic identifier on the key, which allows only the person in possession of it to log into a connected account.

If the threat of spoofed ChatGPT accounts may seem somewhat abstract, there is a growing body of literature showing that bad actors are increasingly targeting chatbot users. Cybercriminals are always looking for information worth extorting, and given the intimate nature of most chatbot conversations, there is a lot of information when it comes to users on both an institutional and personal level.

Digital security is also becoming a larger focus of the AI ​​industry. Several weeks ago, Anthropic announced a new cybersecurity model called Mythos. Perhaps looking to steal some of the spotlight from its competitors, OpenAI has also made a number of announcements related to digital security. News of the Yubico partnership Thursday came on the heels of OpenAI announcing it was launching a new digital defense framework.

Of course, a security key-enabled account offers stronger protection, but it comes with a trade-off: If the key is lost, OpenAI won’t be able to help restore access. In practical terms, this means that the conversations may be lost forever.