OpenAI 要求“可信访问网络安全成员”使用硬件支持的通行密钥。
OpenAI mandates hardware-backed passkeys for Trusted Access Cyber members

原始链接: https://www.yubico.com/blog/openai-mandates-hardware-backed-passkeys-for-trusted-access-cyber-members-to-log-into-chatgpt-accounts/

为了应对不断演变的网络威胁并保护前沿人工智能模型,OpenAI 要求其“网络受信任访问”(TAC)成员提升安全性。自 9 月 1 日起,所有 TAC 个人成员必须启用基于硬件的通行密钥(passkey)以维持账户访问权限。此举旨在从易受攻击的软件多重身份验证转向防钓鱼的硬件安全机制。 通过使用 Yubikeys,OpenAI 正在实施与其内部基础设施所采用的相同高保证身份验证标准。这一要求强制转向“信任根”模型,从而有效瓦解依赖拦截或泄露凭证的犯罪生态系统。为促进这一转型,OpenAI 与 Yubico 达成合作,为 TAC 成员提供专用 YubiKeys 的优惠价格。该举措确保强大的 AI 能力仅向受信任的用户开放,并为保护高风险数字环境树立了新的行业标杆。

OpenAI 已强制其“可信访问”(Trusted Access)项目的成员使用基于硬件的通行密钥(passkeys),并与 Yubico 达成合作,提供专属的联名安全密钥。 该公告发布在 Yubico 的网站上,并在 Hacker News 上引发了讨论。用户对此反应不一:一些人赞赏其对敏感环境高安全性的重视,而另一些人则质疑这种指定硬件门槛的排他性。讨论的焦点很大程度上集中在对未来“远程认证”(remote attestation)的担忧上——用户担心 OpenAI 未来可能会为了实施区域限制或控制使用,而将模型访问权限限制在特定的、预先批准的硬件设备上。 此外,也有人指出了实际操作中的不便,例如注册多个密钥的困难,以及那些模拟硬件令牌的密码管理器可能存在的兼容性问题。尽管有人认为这是高安全性企业环境的必要举措,但持怀疑态度的人则将此视为对人工智能模型实施更严格硬件锁定限制的前兆。
相关文章

原文

The rapid advancement of AI is changing the global cybersecurity landscape. As these technologies become more powerful, safeguarding access to them is increasingly critical — particularly for the security researchers and defenders working to identify vulnerabilities, strengthen software and improve cyber resilience. People need advanced account protection that can withstand modern phishing and social engineering attacks, helping ensure state-of-the-art AI capabilities remain in the hands of trusted users. 

Today’s announcement from OpenAI sets a new industry standard: starting September 1, all individual members of Trusted Access for Cyber (TAC) must enable Advanced Account Security using a hardware-backed passkey to retain access to frontier cyber models. Additionally, OpenAI is tightening access restrictions for high-risk entities and jurisdictions.

At Yubico, we believe the future of AI security depends heavily on identity and authenticator assurance, not just model safety. When the stakes are this high, organizations can no longer rely on software-based controls or legacy multi-factor authentication (MFA), both of which are easily bypassed or intercepted. True security requires a phishing-resistant, hardware-backed root of trust built on credentials that cannot be copied or synced.

Protecting TAC with hardware-backed passkeys makes accounts significantly more difficult and costly for threat actors to exploit at scale. By dramatically raising the barrier to entry, this approach disrupts the criminal ecosystem that relies on creating, validating, and reselling compromised accounts for downstream abuse.

Securing your ChatGPT account with YubiKeys

Moving to hardware-backed protection is a seamless process for TAC members aligning with the new mandate. Through OpenAI’s Advanced Account Security program, security keys provide a higher-assurance environment by deliberately disabling weaker fallback methods. This partnership allows you to replicate the identical security posture that OpenAI uses internally to safeguard its own infrastructure and employees. To facilitate this transition, a custom 2-pack of YubiKeys is available to existing account holders at preferred pricing.

  • YubiKey C NFC – OpenAI: Perfect for the modern mobile workforce. Authenticate instantly with a simple tap against your phone or tablet.
  • YubiKey C Nano – OpenAI: Designed for maximum convenience. Plug it into your laptop’s USB-C port and leave it there for effortless, continuous protection.

Once enrolled, users experience the gold standard of phishing-resistant security through a fast, entirely passwordless experience. To secure your ChatGPT accounts with YubiKeys today, visitchatgpt.com/advanced-account-security or read the full partnership details here.

联系我们 contact @ memedata.com