OPENAI ADDS SECURITY KEY SUPPORT TO CHATGPT

OpenAI announced expanded security options for ChatGPT users on Tuesday, introducing opt-in protections designed to strengthen account defenses against unauthorized access. The centerpiece of the initiative is a new partnership with Yubico, a leading provider of hardware security keys. This collaboration enables ChatGPT users to authenticate their accounts using physical security keys—devices that provide multi-factor authentication without relying on traditional passwords or phone-based verification codes. Hardware security keys offer several advantages over conventional authentication methods. They are resistant to phishing attacks, as the keys only respond to authentication requests from verified websites and services. Users cannot be tricked into entering credentials on fraudulent sites, a common attack vector that affects millions of accounts annually. The new security measures are optional, allowing users to maintain their current authentication setup or adopt the enhanced protections. OpenAI has not specified a rollout timeline or detailed availability, but the announcement suggests the features will become available to the broader user base. This move aligns with industry trends toward hardware-based authentication. Major tech companies including Google, Microsoft, and Apple have expanded support for security keys in recent years, recognizing their effectiveness at preventing account takeovers. For ChatGPT users, the addition reflects growing concerns about account security as the platform handles sensitive conversations and personal data. OpenAI has previously offered two-factor authentication options, but hardware security keys represent a more robust protection layer. Yubico's security keys are compatible with various platforms and protocols, though OpenAI did not detail which specific products or standards will be supported in the ChatGPT integration. The announcement comes as AI services continue attracting users and, correspondingly, the attention of threat actors seeking to compromise high-value accounts. Enhanced security features may encourage adoption among security-conscious users and enterprises.