OpenAI is getting serious about account security.
The company on Thursday launched Advanced Account Security (AAS), a set of opt-in protections for ChatGPT users designed for high-value individuals — but available to anyone who wants them.
As part of that new program, digital security provider Yubico announced it has partnered with OpenAI to link two new security key products to ChatGPT accounts. The company said the partnership was designed to protect users from the threat of phishing, which is considered to be a growing threat for chatbot users.
The two companies are releasing a pair of “co-branded” YubiKeys — dubbed the YubiKey C NFC and the YubiKey C Nano.
OpenAI has suggested that AAS is a good fit for political dissidents, journalists, researchers, and elected officials — people who engage in politically charged and risky work. One would assume that it might make sense for enterprise users, whose corporate secrets are squirreled away in ChatGPT sessions.
“Ultimately, our intent is to drastically reduce the threat of unauthorized access to sensitive data in OpenAI accounts worldwide,” Yubico CEO Jerrod Chong said in press release announcing the deal.
Security keys are small pieces of hardware that can be tied to digital accounts and enacted through a computer’s USB ports. A unique cryptographic identifier lives on the key, which allows only the person in possession of it to log into a connected account.
Techcrunch event San Francisco, CA | October 13-15, 2026 REGISTER NOWIf the threat of phished ChatGPT accounts may seem somewhat abstract, there is a growing body of literature showing that bad actors are increasingly targeting chatbot users. Cybercriminals are always on the lookout for extortion-worthy information and, given the intimate nature of most chatbot conversations, there is plenty of fodder when it comes to both enterprise and personal-level users.
Digital security is also becoming a bigger focus of the AI industry. Several weeks ago, Anthropic announced a new cybersecurity model called Mythos. Perhaps seeking to steal some of its competitor’s thunder, OpenAI has also made a number of announcements related to digital security. Thursday’s news of the Yubico partnership followed OpenAI’s announcement that it’s launching a new framework for digital defense.
Of course, a security-key-enabled account does offer stronger protection, but it comes with a tradeoff: If the key is lost, OpenAI won’t be able to help recover access. In practice, that means conversations could be lost for good.
Topics
AI, ChatGPT, cybersecurity, OpenAI, Yubico, YubikeyWhen you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.
Lucas Ropek
Senior Writer, TechCrunch
Lucas is a senior writer at TechCrunch, where he covers artificial intelligence, consumer tech, and startups. He previously covered AI and cybersecurity at Gizmodo. You can contact Lucas by emailing lucas.ropek@techcrunch.com. View Bio
StrictlyVC kicks off the year in SF. Register now for unfiltered fireside chats and VC insights with leaders from Uber, Replit, Eclipse, and more. Plus, high-value connections that actually move the needle. Tickets are limited.
-
On the stand, Elon Musk can’t escape his own tweets
- Tim Fernholz
-
OpenAI ends Microsoft legal peril over its $50B Amazon deal
- Julie Bort
-
DeepMind’s David Silver just raised $1.1B to build an AI that learns without human data
- Anna Heim
-
The Stanford freshmen who want to rule the world … will probably read this book and try even harder
- Connie Loizos
-
Two college kids raise a $5.1 million pre-seed to build an AI social network in iMessage
- Dominic-Madori Davis
-
Meta’s loss is Thinking Machines’ gain
- Connie Loizos
-
Google to invest up to $40B in Anthropic in cash and compute
- Rebecca Bellan