Menu Search

Company Announcements

Yubico AB

Yubico Partners with OpenAI to Support Passkey Mandate for its Trusted Access for Cyber (TAC) Program Users

Passkeys anchor the transition to phishing-resistant authentication, empowering cyber defenders and Codex developers to secure the most powerful AI models and codebases

STOCKHOLM & SANTA CLARA, Calif.--(BUSINESS WIRE)--Jun. 1, 2026-- Yubico (Nasdaq Stockholm: YUBICO), the pioneer of phishing-resistant security keys and creator of the YubiKey, the strongest form of hardware-backed passkeys, today announced its significant role in securing the AI frontier as OpenAI mandates the use of passkeys for individuals that are part of their Trusted Access for Cyber (TAC) program.

As a leading global AI research and development company, OpenAI is setting a precedent for empowering its users to take control of their own security posture with more secure authentication options. Starting June 1, 2026, individuals in TAC with access to OpenAI’s most powerful and permissive AI models will be required to enable Advanced Account Security (AAS). This mandate signals a new industry precedent: when working with agents, sensitive codebases, and powerful cybersecurity capabilities in frontier models, proven security protection like hardware-backed passkeys are no longer optional – they are the essential circuit breaker for the AI frontier.

“We are in an era where AI can analyze vulnerabilities and act on our behalf. In that world, the only thing more powerful than the AI itself is the identity of the person controlling it,” said Albert Biketi, chief product and technology officer, Yubico. “OpenAI’s mandate is a pivotal moment, moving the industry away from 'probabilistic' security – where we hope a password is strong enough – to a cryptographic certainty that only hardware can provide. Yubico applauds OpenAI’s ‘security by default’ approach by enforcing rigorous security through passkeys, such as a hardware security key, for users who need it most.”

Hardware-Backed AI Security Matters: How Yubico Anchors OpenAI’s TAC Program

As AI evolves into autonomous agents like Codex, developer accounts become high-consequence control points. A breach now means unauthorized code access and environment manipulation. OpenAI’s new mandate allows users to modernize their security posture through:

  • A Higher Level of Protection for TAC: Utilizing passkeys, including hardware-backed passkeys like YubiKeys, provide the phishing-resistant, hardware-backed protection required for the AAS program.
  • Enterprise Attestation: Organizations can meet OpenAI’s standards by integrating Yubico’s phishing-resistant authentication into their SSO workflows.
  • Zero-Knowledge Recovery: With OpenAI removing manual account resets, Yubico’s "Primary and Backup" bundles ensure users maintain mission-critical access.
  • Verifying Human Intent: The physical "tap" of a YubiKey acts as a vital circuit breaker, ensuring high-consequence AI actions are authorized by a verified human.

This mandate builds on the Yubico and OpenAI partnership to deliver hardware-backed security to the builders of the AI future. For more information on how Yubico secures AI workflows and to access custom OpenAI YubiKey bundles, visit Yubico’s OpenAI solutions page.

About Yubico

Yubico (Nasdaq Stockholm: YUBICO) is a modern cybersecurity company on a mission to make the digital world safer for everyone. As the inventor of the YubiKey, we set the gold standard for modern phishing-resistant, hardware-backed authentication, stopping account takeovers and making secure login simple.

Since 2007, we’ve helped shape global authentication standards, co-created FIDO2, WebAuthn, and FIDO U2F, and introduced the original passkey. Today, our passkey technology secures people and organizations in over 160 countries—transforming how digital identity is protected from onboarding to account recovery.

Trusted by the world’s most security-conscious brands, governments, and institutions, YubiKeys work out of the box with hundreds of apps and services, delivering fast, passwordless access without friction or compromise.

We believe strong security should never be out of reach. Through our philanthropic initiative, Secure it Forward, we donate YubiKeys to nonprofits supporting at-risk communities.

Headquartered in Stockholm, Sweden; Santa Clara, California; and Singapore, Yubico is proud to be recognized as one of TIME’s 100 Most Influential Companies and Fast Company’s Most Innovative Companies. Learn more at www.yubico.com.

For media inquiries:

Yubico Communications Team
press@yubico.com

Source: Yubico