OpenAI will require members of its Trusted Access for Cyber program to enable hardware-backed passkeys by 1 September 2026 to retain access to what it describes as its most cyber-capable frontier models, according to information distributed by security key maker Yubico.
Under the change, individual Trusted Access for Cyber members who do not meet the requirement will be returned to default model access.
The Trusted Access for Cyber program provides qualified security researchers and organisations with access to advanced AI capabilities for authorised defensive work, including vulnerability triage and validation, malware analysis, detection engineering and patch validation.
The announcement links the new authentication requirement to the security risks posed by increasingly capable artificial intelligence models and the need to restrict access to verified users. It also says OpenAI is strengthening restrictions for high-risk entities and jurisdictions as part of broader efforts to prevent misuse of advanced cyber capabilities.
Hardware-backed passkeys store authentication credentials in a physical security key rather than synchronising them through software or cloud services. The credentials cannot be copied or remotely extracted, which the release says can provide stronger protection against phishing, credential theft, adversary-in-the-middle attacks and account takeover.
Jerrod Chong, CEO of Yubico, said the decision established a new model for protecting access to high-value AI systems.
“We are introducing a new model for phishing-resistant security at scale for the AI ecosystem,” said Jerrod Chong, chief executive officer, Yubico. “This partnership with OpenAI delivers the highest level of protection against phishing with a low-friction user experience. Ultimately, our intent is to drastically reduce the threat of unauthorised access to sensitive data in OpenAI accounts worldwide.
We are proud to partner with OpenAI to deliver YubiKeys, the leading security key that offers the strongest way to use passkeys, increasing protection of sensitive user data for the AI frontier.”
The release says the mandate comes as cybercriminals increasingly use phishing, social engineering and session hijacking to bypass passwords and legacy multi-factor authentication methods such as SMS codes and mobile push notifications.
According to the release, hardware-backed passkeys verify both the user and the legitimate service before authentication occurs, reducing the risk of users signing in to fraudulent websites. It also says requiring physical authentication makes it more difficult and expensive for threat actors to create, validate and resell compromised accounts at scale.
The release says OpenAI already uses YubiKeys internally to protect employees and infrastructure from phishing attacks, and that eligible users will be able to adopt the same hardware-backed model through OpenAI’s Advanced Account Security program, including disabling weaker fallback methods.
Yubico also said a custom two-pack of YubiKeys is available to existing OpenAI account holders at preferred pricing, comprising a YubiKey C NFC – OpenAI and a YubiKey C Nano – OpenAI.
More information is available at chatgpt.com/advanced-account-security.

