OpenAI Strengthens AI Security: Passwordless Access for Trusted Users, Tightens Restrictions on High-Risk Entities
July 13, 2026
OpenAI is tightening access to advanced AI capabilities, restricting them to verified, trusted users amid rising cybersecurity threats.
The policy focuses on qualified security researchers and organizations performing authorized defensive cyber work, such as vulnerability triage, malware analysis, detection engineering, and patch validation.
High‑risk entities and jurisdictions will face stricter restrictions as part of broader security measures for advanced AI capabilities.
Enrolled users will experience a passwordless, rapid authentication process that avoids vulnerable credentials, with a custom two‑pack option offered at preferred pricing.
Hardware-backed passkeys store credentials on a physical security key, preventing copying or remote extraction and reducing phishing, credential theft, and account takeover risks.
These hardware-backed passkeys resist copying or remote extraction unlike traditional passwords or some multi‑factor methods.
The solution provides phishing‑resistant authentication not easily compromised through software or cloud synchronization.
Sign‑in will be passwordless and not rely on copied, intercepted, or synchronized credentials; weak fallback methods can be disabled under Advanced Account Security.
OpenAI is offering eligible account holders a custom two‑pack (YubiKey C NFC and YubiKey C Nano) at preferred pricing to enable passwordless authentication, based on its internal use of YubiKeys.
Further details about the Advanced Account Security program and the YubiKey offer are available through OpenAI and Yubico’s official channels.
Yubico collaborates with OpenAI to provide YubiKeys and support for phishing‑resistant authentication within the Advanced Account Security program.
Enrollment enables passwordless authentication and aims to reduce unauthorized access to OpenAI accounts by removing dependence on potentially compromised credentials.
Summary based on 5 sources
Get a daily email with more AI stories
Sources

SecurityBrief Australia • Jul 13, 2026
OpenAI requires hardware-backed passkeys for cyber accessTech Business News • Jul 13, 2026
OpenAI Requires Hardware-Backed Passkeys To Access Its Most Advanced Cyber Models