Cyber News Live - Home Page
Linkedin
OpenAI & YubiKey Partnership
Cybersecurity

OpenAI and Yubico Partner to Bring Custom Phishing-Resistant YubiKeys to OpenAI Users

Cyber News Live

The OpenAI YubiKey partnership marks a major push toward phishing-resistant authentication for AI users. Yubico, the creator of the YubiKey security key, has partnered with OpenAI to launch custom hardware-backed security keys designed to better protect ChatGPT accounts from phishing, credential theft, and account takeover attacks.

Beginning today, eligible users can purchase a new 2-pack bundle of custom YubiKeys as part of OpenAI’s Advanced Account Security program. The launch gives security-conscious users stronger account protection through phishing-resistant passkeys and passwordless authentication.

The bundle includes:

  • A YubiKey C NFC for tap-to-authenticate mobile access
  • A YubiKey C Nano designed for continuous laptop protection through a low-profile USB-C connection

Both security keys support modern passwordless authentication standards and are specifically aimed at users who face elevated risks from phishing, credential theft, and targeted account takeover attacks.

OpenAI YubiKey Partnership Expands Hardware-Based Security

OpenAI already uses YubiKeys internally to secure employee accounts and critical infrastructure against phishing campaigns and advanced social engineering attacks. Through this partnership, the company is now extending that same level of protection to its users.

The collaboration combines OpenAI’s focus on AI safety and user security with Yubico’s expertise in phishing-resistant authentication, helping simplify secure account access while reducing the risk of compromised credentials.

Jerrod Chong, chief executive officer at Yubico, said the partnership represents a major step forward for security across the AI ecosystem.

“We are introducing a new model for phishing-resistant security at scale for the AI ecosystem,” said Chong. “This partnership with OpenAI delivers the highest level of protection against phishing with a low friction user experience.”

He added that the broader goal is to significantly reduce unauthorised access to OpenAI accounts globally while making strong authentication easier for everyday users.

OpenAI YubiKey Partnership Targets Account Takeovers

Unlike traditional SMS codes or app-based authentication, YubiKeys use hardware-backed passkeys tied directly to the physical device. This makes them resistant to phishing, session hijacking, and credential replay attacks.

The move comes as AI platforms increasingly become high-value targets for cybercriminals seeking access to sensitive prompts, business data, proprietary models, and user conversations.

Dane Stuckey, chief information security officer at OpenAI, said security keys remain one of the strongest defences against phishing attacks.

“Security keys are one of the best ways to protect accounts from phishing, and Yubico has played a leading role in making that protection practical and accessible,” said Stuckey.

He added that YubiKeys have already become standard security tools inside OpenAI and that the Advanced Account Security program helps users adopt the same protections.

Why the OpenAI YubiKey Partnership Matters for AI Security

The partnership reflects broader industry momentum toward passwordless authentication and passkey adoption as organisations move away from vulnerable password-based systems.

Yubico has played a central role in shaping modern authentication standards, including FIDO2, WebAuthn, and FIDO U2F. The company also introduced some of the earliest commercial passkey technologies now used globally.

Today, YubiKeys are used across governments, enterprises, and critical infrastructure organisations in more than 160 countries.

Phishing-Resistant Passkeys Become Critical for AI Platforms

As AI adoption accelerates globally, attackers are increasingly targeting AI accounts and platforms through phishing campaigns, credential stuffing, and social engineering operations.

This partnership positions phishing-resistant authentication as a core component of AI platform security rather than an optional feature.

By combining OpenAI’s global reach with Yubico’s hardware authentication technology, the companies aim to increase adoption of hardware-backed account security at scale.

Once enrolled, users can access ChatGPT accounts through a fast passwordless experience while significantly strengthening protection against account compromise.

OpenAI YubiKey Partnership Supports Passwordless Authentication

The custom YubiKey C NFC – OpenAI Edition and YubiKey C Nano – OpenAI Edition are now available with exclusive pricing for eligible OpenAI account holders.

For more information, users can visit here.

About Yubico

Yubico (Nasdaq Stockholm: YUBICO) is a modern cybersecurity company on a mission to make the digital world safer for everyone. As the inventor of the YubiKey, the company sets the gold standard for phishing-resistant, hardware-backed authentication. It helps stop account takeovers while making secure login simple.

Since 2007, Yubico has helped shape global authentication standards. It co-created FIDO2, WebAuthn, and FIDO U2F, and introduced the original passkey. Today, its technology secures people and organisations in over 160 countries. It transforms how digital identity is protected from onboarding to account recovery.

Trusted by security-conscious brands, governments, and institutions, YubiKeys work out of the box with hundreds of apps and services. They deliver fast, passwordless access without friction or compromise.

Yubico believes strong security should never be out of reach. Through its philanthropic initiative, Secure it Forward, the company donates YubiKeys to nonprofits supporting at-risk communities.

Headquartered in Stockholm, Sweden; Santa Clara, California; and Singapore, Yubico has earned recognition as one of TIME’s 100 Most Influential Companies and Fast Company’s Most Innovative Companies. Learn more at www.yubico.com.

About Cyber News Live

Stay ahead with Cyber News Live! First, we deliver real-time reporting and sharp threat intelligence. Additionally, we provide educational content for professionals, practitioners, and curious minds. From there, whether it’s breaking breach alerts or deep dives into attack vectors, we cover it all. Ultimately, our mission is clear: we make complex cyber topics understandable. And beyond that, we ensure critical knowledge stays accessible to everyone.

Shopping Cart0

Cart

Login