← All stories
● Covered by 1 source Β· 1 reportHigh impact

OpenAI requires hardware-backed passkeys for TAC members starting September 1

Aggregated by BrevFeed security Β· updated 15h ago
πŸ”– Save

OpenAI announced that all individual members of its Trusted Access for Cyber must use hardware-backed passkeys for account security starting September 1. This mandate is intended to enhance protection against phishing and social engineering attacks, ensuring that access to critical AI capabilities is limited to trusted users.

Key points

New Security Requirement for Trusted Access Cyber Members

OpenAI has introduced a new security requirement for its Trusted Access for Cyber (TAC) members. Starting September 1, 2023, all individual accounts must enable Advanced Account Security using a hardware-backed passkey, which significantly enhances security against modern attack vectors.

Rationale Behind the Change

As AI technology advances, the need for stronger access controls becomes imperative, particularly for users tasked with cybersecurity and AI model security. The new requirement aims to protect accounts from phishing and social engineering attacks, which are prevalent as cyber threats evolve.

Access Restrictions for High-Risk Entities

In addition to mandating hardware-backed passkeys, OpenAI will implement tighter access controls for high-risk individuals and jurisdictions. This change reflects a proactive approach to safeguard sensitive AI capabilities and ensure they are accessed only by trusted users.

Implementation and Available Support

The transition to hardware-backed protection is positioned as straightforward for TAC members. OpenAI's Advanced Account Security program revolves around security keys that enhance assurance by disabling fallback methods known to be less secure. A custom 2-pack of YubiKeys is being offered to existing account holders at preferred pricing to assist with this transition.

Conclusion

Through this new directive, OpenAI aims to set an industry standard for cybersecurity in AI, moving away from software-based controls to a more robust, hardware-dependent approach. This shift is expected to raise the barrier for cybercriminals significantly and reduce the incidence of account exploitation.

✨ This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors β€” check the original sources. How BrevFeed works β†’

Reporting from

OpenAI announced that all individual members of its Trusted Access for Cyber must use hardware-backed passkeys for account security starting September 1. This mandate is intended to enhance protection against phishing and social engineering attacks, ensuring that access to critical AI capabilities is limited to trusted users.