Follow ZDNET: Add us as a preferred source on Google.

ZDNET’s key takeaways

• ChatGPT’s Advanced Account Security protects your access and data.
• The feature requires you to set up a passkey or security key.
• AI training is also automatically disabled by default.

Whether you use ChatGPT personally or professionally, you may share certain sensitive information and files in your conversations. And you certainly don’t want that data falling into the wrong hands. But what can you do beyond creating a strong password and using two-factor authentication? Plenty, thanks to a new feature available to individual ChatGPT users.

Known as Advanced Account Security, the new opt-in feature aims to tighten your account and safeguard your data. The option is aimed more at security-minded people such as political dissidents, journalists, elected officials, and researchers. But it’s accessible to any ChatGPT user who wants to enhance protection against account takeovers and other threats.

Also: I tested ChatGPT Images 2.0 vs. Gemini Nano Banana to see which is better – this model wins

(Disclosure: Ziff Davis, ZDNET’s parent company, filed an April 2025 lawsuit against OpenAI, alleging it infringed Ziff Davis copyrights in training and operating its AI systems.)

With better safeguards in mind, Advanced Account Security offers four settings that cover different aspects of your account. The first setting requires you to use a passkey or physical security key to sign in. Another requires stronger methods to recover an account beyond email or SMS authentication. With the third setting, your active login session is shortened to reduce its exposure. The fourth setting automatically prevents your chats from being used for AI training.

To enroll with Advanced Account Security, head to the enrollment web page and make sure you’re signed in with your account. Click the Enroll button to kick off the process.

Now, here’s how each setting works.

1. Use a passkey or security key

To prevent unauthorized account access via a stolen password, Advanced Account Security requires you to sign in with a passkey or physical security key. You can set up either method or both, though you need to establish two authentication methods.

Also: I’m ditching passwords for passkeys for one reason – and it’s not what you think

As OpenAI recommends using a security key, the company has struck a deal with key-maker Yubico. Here, you can buy a bundle of two YubiKeys — a YubiKey C NFC and a YubiKey C Nano — for $68, almost half off the usual price of $126. But other keys are supported in case you already have your own. You can also use a passkey if you prefer. Whatever methods you choose, though, your existing password will no longer be accepted.

2. Set up more secure account recovery

Two-factor authentication is one way to help you recover your account if you can’t otherwise log in. But the method you use makes a big difference. Email and SMS authentication are vulnerable to compromise. With Advanced Account Security, those two methods are disabled, forcing you to use backup passkeys, security keys, or recovery keys. As you set up Advanced Account Security, you’ll be prompted to copy or download the recovery keys automatically generated by ChatGPT.

3. Shorten the time of an active login session

The longer a login session remains active, the greater the opportunity for malware or another threat to hijack your account. With Advanced Account Security, your session is shortened, requiring you to authenticate more often than before. More frequent authentications serve to better secure your account credentials and data.

Also: Privacy in the AI era is possible, says Proton’s CEO, but one thing keeps him up at night

4. Disable AI training

By default, ChatGPT can use your conversations for training to better understand how to communicate like a human. But as that capability poses a risk to your privacy, you can manually disable it. However, Advanced Account Security automatically turns off AI training, so you don’t have to turn it off yourself.

After you’ve set up your preferences, just click the Enroll button to activate Advanced Account Security. You can then head to the ChatGPT chat page. But you’ll be prompted to log in again with your new passkey or security key.

Enterprise support coming

Advanced Account Security also protects you in Codex if you use it to develop and fine-tune your own code. For now, the feature is available to free and paid ChatGPT users with their own accounts. But OpenAI said it expects to expand it to the enterprise crowd.

Also: How to audit what ChatGPT knows about you – and reclaim your data privacy

“As AI becomes increasingly embedded in our lives, it is more important than ever to ensure that users have the controls they need to help protect their privacy and security,” OpenAI said in its news release. 

“Privacy and security are foundational to how we build all of our products, and we’ll continue investing in protections that give people more control and stronger safeguards over time. We expect to extend this work to additional audiences, including enterprise environments, where stronger account security can matter just as much.”