Skip to content
Secure accounts with Advanced Account Security | My AI Guide
FeatureChatGPT

Secure accounts with Advanced Account Security

By Harsh Desai
Share

TL;DR

Users can now enable stricter sign-in requirements, including passkeys and physical security keys. This mode disables weaker recovery paths like SMS codes to prevent account takeovers.

## What changed OpenAI rolled out Advanced Account Security on April 30, 2026 as an optional setting for personal ChatGPT accounts. The feature requires passkeys or physical security keys for sign-in and disables password login, email or SMS codes, and email-based recovery.

It adds recovery keys, shorter session times, login notifications, and session controls. Users must keep their recovery keys and enrolled keys safe, since losing all access methods can permanently lock them out of the account.

## Why it matters This change raises the bar for account protection at a time when many builders store prompts, files, and connected data inside ChatGPT. It directly reduces easy takeover paths that still work on most consumer accounts.

The trade-off is clear: stronger security means fewer recovery options if something goes wrong. Solo operators who rely on quick resets or shared devices will feel the friction first.

## How to use it Go to ChatGPT settings on web, find the Advanced Account Security toggle, and enable it. Set up a passkey or compatible hardware key during the process and immediately save the provided recovery keys.

The setting is available only for personal accounts, not Business, Enterprise, or Edu workspaces. Test sign-in from your usual devices before relying on it for daily work.

## Watch for Confirm the bet if OpenAI adds recovery options that still avoid SMS while remaining usable. The feature breaks if too many users lose access and complain loudly. Expect similar controls to appear in the Business plan next.

Harshs take

Most Vibe Builders treat ChatGPT like a notebook and a database at once. Leaving that account open to SMS hijacks is now an obvious risk. Advanced Account Security removes the easy exits but forces you to treat the account like production infrastructure.

The real cost is operational overhead. You need a hardware key or reliable passkey manager, plus a safe place for recovery codes. Skip either step and you can lose months of custom instructions and file history in one go.

Do this now: enable the setting on your main account, store the recovery keys offline, and move any shared team workflows to a separate Business workspace that still allows simpler recovery.

by Harsh Desai

Source:help.openai.com

About ChatGPT

View the full ChatGPT page →All ChatGPT updates

Go deeper

More AI news

Everything AI. One email.
Every Monday.

New tools. Model launches. Plugins. Repos. Tactics. The moves the sharpest builders are making right now, before everyone else.

No spam. Unsubscribe anytime.