OpenAI is stepping up its commitment to account security. This week, the company introduced Advanced Account Security (AAS), a set of optional protections for ChatGPT users. While designed with high-profile individuals in mind, these features are open to anyone who chooses to enable them. As part of this initiative, digital security firm Yubico announced a partnership with OpenAI to integrate two new security key products with ChatGPT accounts.

The collaboration aims to shield users from phishing attacks, which are becoming an increasing concern for chatbot users. Together, the companies are releasing two co-branded YubiKeys: the YubiKey C NFC and the YubiKey C Nano. OpenAI suggests that AAS is particularly well-suited for political dissidents, journalists, researchers, and elected officials—people whose work often involves politically sensitive or high-risk activities. It's also likely a strong option for enterprise users who store corporate secrets within ChatGPT sessions.

“Ultimately, our intent is to drastically reduce the threat of unauthorized access to sensitive data in OpenAI accounts worldwide,” said Yubico CEO Jerrod Chong in a press release announcing the deal. Security keys are small hardware devices that connect to a computer’s USB ports and are linked to digital accounts. Each key contains a unique cryptographic identifier, ensuring that only the person physically holding the key can log into the associated account.

While the risk of having a ChatGPT account phished might seem abstract, there is mounting evidence that cybercriminals are increasingly targeting chatbot users. These bad actors are constantly searching for information that can be used for extortion, and given the often personal nature of chatbot conversations, there is ample material for both enterprise and individual users. Digital security is also becoming a more prominent focus within the AI industry. A few weeks ago, Anthropic unveiled a new cybersecurity model called Mythos. Perhaps aiming to capture some of that attention, OpenAI has also made several announcements regarding digital security. Thursday’s news about the Yubico partnership followed OpenAI’s own announcement of a new digital defense framework.

Of course, using a security key offers stronger protection, but it comes with a trade-off: if the key is lost, OpenAI cannot help recover access. In practice, this means that conversations could be permanently lost.