Advanced account security is an optional setting offered in ChatGPT’s security settings. OpenAI has been gradually rolling it out to personal accounts for a few weeks, which explains why it may not yet appear in everyone.
In detail, it is not a simple double authentication responsible for securing an always active password, but a more profound change in the way of accessing the account. Once the option is activated, the AI chatbot no longer allows you to connect with a password, receive a code by email or SMS, or recover your account by email.
Instead, OpenAI mandates stronger methods, such as passkeys, FIDO-enabled security keys, or a combination of both, to thwart attacks that exploit common login habits, from password theft to entering a fake login page to intercepting OTP codes.
In addition to this overhaul of connection methods, OpenAI also provides some additional safeguards to secure access to the account. Active sessions expire faster, which may require you to reconnect more often, but reduces exposure time in the event of a compromised device. Connection notifications are also sent by email, and you can now view and then revoke open sessions from the security settings.
In short, a set of measures which may be of interest to anyone using ChatGPT to process sensitive professional or personal information, but which requires a minimum of preparation. With stricter recovery methods, misconfiguration or loss of a means of login can quickly make account access difficult.
