OpenAI、ChatGPTとCodexに高度なアカウントセキュリティ機能を導入 Introducing Advanced Account Security

OpenAI has introduced a new feature called Advanced Account Security aimed at users of ChatGPT and its coding agent Codex. The move reflects growing concern that as AI assistants become more deeply embedded in day-to-day work and software development, the consequences of an account takeover have expanded well beyond conventional data leakage.

According to the announcement, the feature is designed to strengthen protection against phishing and unauthorized logins, with particular emphasis on usage scenarios where developers connect Codex to repositories, API keys, and sensitive coding environments. While OpenAI has not detailed every component, the offering appears to include more rigorous multi-factor authentication, improved detection of suspicious sign-in activity, and tighter session management for both web and agent-based access.

The rationale is straightforward: as AI agents gain greater autonomy, credentials and connection tokens are no longer just gateways to personal information. A compromised ChatGPT or Codex account can potentially expose linked source code, allow modifications to repositories, or even provide a foothold into production systems through chained integrations. That elevates account hygiene from an individual concern to something closer to enterprise security posture.

The context surrounding the launch is notable. Over the past two years, AI platform vendors have steadily added enterprise-grade controls. GitHub has expanded administrative and policy tooling around Copilot, while Anthropic has pushed audit logging and SSO support for Claude's enterprise tier. Account protection is increasingly becoming a competitive surface for AI providers, alongside model quality and pricing. OpenAI's move can be read in part as a response to that broader trend, and in part as recognition that Codex in particular handles materials with a much higher blast radius than a typical chatbot session.

The threat landscape backs this up. Supply-chain attacks targeting OAuth tokens issued to developer tools have grown more frequent, and security researchers have documented cases of ChatGPT account credentials being traded on dark web marketplaces, sometimes harvested by infostealer malware running on developer machines. Users who have linked their accounts to GitHub, cloud providers, or internal systems face a meaningfully larger attack surface than those who use ChatGPT only for casual queries. In that environment, stronger authentication options are arguably overdue.

For end users, the practical implication is that adopting hardware security keys, passkeys, or app-based MFA is likely to become the default expectation rather than a power-user choice. Organizations deploying Codex across engineering teams may also find that the new controls simplify compliance conversations, particularly where source code touches regulated data. It remains to be seen how granular the administrative controls will be, and whether features such as device binding or anomaly-based session revocation will be exposed to individual users or reserved for business plans.

There are open questions worth watching. OpenAI has not, at least publicly, clarified how Advanced Account Security interacts with third-party identity providers, nor how it will handle the growing class of agentic workflows in which Codex acts on behalf of a user across multiple services. As AI agents start to hold long-lived tokens for code hosting platforms, cloud consoles, and internal APIs, the question of how to scope, rotate, and revoke that access cleanly is becoming one of the harder problems in the space. Advanced Account Security appears to be a first step rather than a complete answer.

Still, the announcement signals that OpenAI views account integrity as foundational infrastructure for the next phase of its product strategy, in which individual developers and enterprises alike are expected to wire AI into core workflows. If that vision plays out, features that today look like security add-ons may soon be regarded as table stakes for any AI platform with privileged access to a user's code and operational systems.