OpenAI is adding hardware security key support to ChatGPT accounts through a new partnership with Yubico, one of the most widely used physical authentication device makers in enterprise security.
The new protections are opt-in. Yubico's security keys are small physical devices - typically USB sticks or NFC-enabled tags - that you tap or plug in to verify your identity at login. Because the key must be physically present, it blocks the phishing attacks and credential-stuffing attempts that routinely defeat standard SMS-based two-factor authentication. This is how banks and enterprise software companies protect high-value accounts, and it's rarely available in consumer AI tools.
For ChatGPT users who store custom GPT configurations, business conversations, or paid subscription access in their accounts, this fills a real gap. OpenAI announced the initiative alongside other opt-in account protections, though full rollout details and a timeline haven't been specified. The Yubico partnership is notable because it signals OpenAI treating account security as a genuine product priority rather than an afterthought - a shift that matters as more people use ChatGPT for sensitive work. Anthropic and Google haven't announced comparable hardware key support for Claude or Gemini yet, so OpenAI moves first here.
Whether most users will actually set one up is doubtful - adoption of even basic two-factor authentication remains low across consumer platforms. But the option existing matters, especially for business users and anyone managing team accounts where a compromised login could expose months of project work.