OpenAI mandates passkeys for high-risk model users
OpenAI requires passkeys and stronger phishing-resistant authentication for individuals in its Trusted Access for Cyber (TAC) program accessing its most powerful models, effective June 1, 2026, according to a Yubico blog post and Business Wire coverage of a Yubico press release. Yubico announced a custom YubiKey 2-pack for OpenAI users and said the partnership will make hardware-backed passkeys available through OpenAI's Advanced Account Security program, Business Wire reports. The Business Wire release quotes Yubico CEO Jerrod Chong and OpenAI CISO Dane Stuckey on using security keys to reduce account takeovers. OpenAI's public pages describe the Advanced Account Security protections as replacing passwords and offering phishing-resistant options for high-consequence accounts.
What happened
OpenAI requires phishing-resistant passkeys and hardware-backed authentication for people in its Trusted Access for Cyber (TAC) program who access the company's most permissive, cyber-capable models, effective June 1, 2026, per a Yubico blog post and Business Wire coverage of Yubico's press release. Business Wire and Yubico say the collaboration makes a custom YubiKey 2-pack available to OpenAI users and that OpenAI already uses YubiKeys internally. The Business Wire press release includes direct quotes: "We are introducing a new model for phishing-resistant security at scale for the AI ecosystem," said Jerrod Chong, chief executive officer, Yubico. "Security keys are one of the best ways to protect accounts from phishing, and Yubico has played a leading role in making that protection practical and accessible," said Dane Stuckey, chief information security officer, OpenAI.
Technical details
Per Yubico's blog and the Business Wire announcement, the offered bundle contains a YubiKey C NFC and a low-profile YubiKey C Nano configured to support hardware-backed passkeys and modern FIDO authentication flows. OpenAI's public documentation on Advanced Account Security describes replacing passwords and disabling weaker account recovery options for accounts enrolled in the program; the company frames these protections as intended for high-consequence developer and defender accounts such as users of Codex.
Industry context
Editorial analysis: Organizations protecting high-privilege developer, defender, or agent-capable accounts increasingly adopt phishing-resistant FIDO passkeys and hardware tokens as a baseline defense. This story fits a broader pattern where major cloud and platform providers require stronger authentication for accounts that can access sensitive workflows or perform privileged actions.
Editorial analysis - technical context: From a practitioner perspective, passkeys and security keys materially reduce the attack surface for credential-phishing and account takeover attacks because they rely on asymmetric keys and device-bound attestation rather than reusable secrets. For teams integrating AI-assisted developer tooling or running agentic workflows, adoption of FIDO-based auth alters incident response playbooks and key-management requirements.
Context and significance
Editorial analysis: OpenAI's move, coupled with a commercial partnership with Yubico, accelerates enterprise-grade authentication adoption in the AI ecosystem by lowering procurement friction for hardware keys and surfacing a security posture for accounts that can modify code, access repositories, or run agentic commands. For security teams, this raises the visibility of authentication as a first-order control for managing AI-driven risk.
What to watch
Editorial analysis: Observers should monitor how broadly OpenAI extends enrollment requirements beyond the TAC cohort, whether other AI platforms mirror mandatory passkey policies for high-privilege accounts, and how tooling around device attestation, recoverability, and passkey lifecycle management evolves. Practitioners should also watch standards and browser/platform interoperability around hardware-backed passkeys, as user experience and enterprise management features will determine adoption rates.
Scoring Rationale
This is a notable security development from a major AI platform that affects how high-privilege AI accounts are protected. It matters to developers, security engineers, and platform operators but is not a frontier model or regulation-level event.


