Enable Advanced Account Security for Personal Accounts
TL;DR
ChatGPT has introduced Advanced Account Security, an optional setting that enforces stronger sign-in methods like passkeys, disables weaker recovery paths, and adds session management controls.
## What changed On April 30, 2026 OpenAI started rolling out Advanced Account Security as an optional toggle for personal ChatGPT accounts. The setting requires passkeys or compatible security keys for sign-in and disables password login, email or SMS recovery codes, and email-based account recovery. It also adds recovery keys, shorter session times, login notifications, and session management tools.
The feature targets account takeover risks and data exposure on consumer plans. It is not available for Business, Enterprise, or Edu workspaces at launch.
## Why it matters Solo builders who keep project files, automation logs, or client context in ChatGPT now have a direct lever to reduce unauthorized access. The change treats personal accounts as production assets rather than throwaway chat spaces. It pressures users to weigh daily friction against the cost of a compromised thread history or connected data.
OpenAI is betting that serious users will accept stricter recovery in exchange for fewer silent breaches. Casual users may simply ignore the toggle and stay exposed.
## How to use it Open ChatGPT on the web and go to Settings. Find the Advanced Account Security section and turn the toggle on. Immediately save the recovery keys shown on screen and register a passkey or security key before logging out. Test the new sign-in flow from another device to confirm access.
The option appears only for personal accounts in supported regions. Storage management and file library features remain unchanged after enabling the setting.
## Watch for Widespread adoption among users who store files or run long-running Codex sessions will confirm the security bet. Mass lockouts from lost passkeys or recovery keys will break it. The next logical step is extension of the same controls to team workspaces.
Harsh’s take
For a solo operator running client work through ChatGPT in 2026 this toggle forces a real choice between speed and survival. The main trade-off is giving up instant email recovery for protection against someone walking off with your saved memories, uploaded docs, and automation history.
Most builders will leave it off until the first breach hits someone they know. That delay keeps the attack surface wide open for the exact accounts that hold the most reusable context.
Enable the setting today, register a passkey on your main device, and store the recovery keys in a separate vault before you add any more client files.
by Harsh Desai
About ChatGPT
View the full ChatGPT page →All ChatGPT updatesMore from ChatGPT
- IntegrationIntegrate ChatGPT into Microsoft Excel and Google Sheets
ChatGPT is now available globally as a sidebar integration in Microsoft Excel and Google Sheets, helping users build formulas, clean up spreadsheets, and analyze multi-tab files in place.
- Model ReleaseLaunch GPT-5.5 Instant as Default Model
GPT-5.5 Instant is now the default model for all ChatGPT users, replacing GPT-5.3 Instant with improvements in accuracy, clarity, image understanding, STEM questions, and web search.
- FeaturePersonalize Responses with Memory Sources
ChatGPT Plus and Pro users can now experience improved personalization using past chats, saved memories, and connected apps. A new Memory Sources tool lets users view and edit the context shaping responses.