Passkeys anchor the transition to phishing-resistant authentication, empowering cyber defenders and Codex developers to secure the most powerful AI models and codebases.
STOCKHOLM & SANTA CLARA, Calif. – (BUSINESS WIRE)- Yubico, the pioneer of phishing-resistant security keys and creator of the YubiKey, the strongest form of hardware-backed passkeys, today announced its significant role in securing the AI frontier as OpenAI mandates the use of passkeys for individuals that are part of their Trusted Access for Cyber (TAC) program.
“OpenAI’s mandate is a pivotal moment, moving the industry away from ‘probabilistic’ security – where we hope a password is strong enough – to a cryptographic certainty that only hardware can provide.”
As a leading global AI research and development company, OpenAI is setting a precedent for empowering its users to take control of their own security posture with more secure authentication options. Starting June 1, 2026, individuals in TAC with access to OpenAI’s most powerful and permissive AI models will be required to enable Advanced Account Security (AAS). This mandate signals a new industry precedent: when working with agents, sensitive codebases, and powerful cybersecurity capabilities in frontier models, proven security protection like hardware-backed passkeys are no longer optional – they are the essential circuit breaker for the AI frontier.
“We are in an era where AI can analyze vulnerabilities and act on our behalf. In that world, the only thing more powerful than the AI itself is the identity of the person controlling it,” said Albert Biketi, chief product and technology officer, Yubico. “OpenAI’s mandate is a pivotal moment, moving the industry away from ‘probabilistic’ security – where we hope a password is strong enough – to a cryptographic certainty that only hardware can provide. Yubico applauds OpenAI’s ‘security by default’ approach by enforcing rigorous security through passkeys, such as a hardware security key, for users who need it most.”
