How it works
Multi-factor authentication adds an extra layer of security to the sign-in process that makes it harder for unauthorized users to gain access to your account. Once enabled, MFA will apply when you log in with your OpenAI account across our services, including ChatGPT, API Platform, and Labs. After providing your login details, you will be asked to provide a verification code from the authenticator app that you set up when you turned MFA on. This will involve using another app to get a code that you enter when logging in.
You will only be able to log in using your current method of authentication while MFA is on. If you want to change your authentication method, you will need to un-enroll and re-enroll to MFA.
Please note that, if you've already enrolled in MFA and are able to log in, you can continue to use it or disable it.
MFA Options
We support TOTP authentication, with fallbacks to a recovery code given at enrollment time or a code sent to your email.
How to enable MFA in your account
Multi-factor authentication can be enabled in the Settings page located in either ChatGPT or the OpenAI developer platform.
After logging into chatgpt.com, click on your name in the bottom-left of the page to open the menu and select Settings:
Under Security, the Multi-factor authentication option will allow you to turn MFA on or off by selecting Enable or Disable, respectively.
After logging into the platform.openai.com, select Setting on the left side of the page.
Select Your profile at the bottom of the page and find the Security tab. Select the “Enable MFA” button under Multi-factor authentication (MFA) to enable multi-factor authentication.
If MFA is enabled, you will be able to select the “Disable MFA” button under Multi-factor authentication (MFA) to disable multi-factor authentication.
Adding an additional authentication method
After selecting Enable MFA, you will be prompted to authenticate into your account. Once you complete the authentication, you will be asked to set an authenticator app, such as Google Authenticator, as your secondary authentication method.
After selecting this option, use your preferred authenticator app to scan the provided QR code and enter the one-time code.
After establishing your authentication method, you will be provided a recovery code. We strongly recommend keeping this code somewhere safe. You can use it if you need to log into your account without your authenticator app.
How to recover access to your account
In the event that you lose access to your authentication method, you can recover access to you account by following these steps:
Log into the ChatGPT or the Developer platform with your email and password.
When asked to verify your identity, select Try another method (found under the Continue button).
Select either Email or Recovery code.
After selecting Email, a code will be sent to the email address associated with your account.
Input the code sent to your email in the “Enter your one-time code” field to proceed to your account.
If you select Recovery code, you will be prompted to provide the recovery code provided when you first set up MFA.
Input the recovery code in the “Enter your one-time code” field to proceed to your account.
If you are having trouble logging in and own an iOS device, first check Settings > Passwords > OpenAI on your device and look for a verification code. If found, enter that on the "Verify your identity" screen during login.
What happens if you have multiple login / authentication methods?
If you have multiple login / authentication methods associated with your accounts, you will only be able to use the authentication method you set up with multi-factor authentication.
If you prefer another authentication method, please log in, disable MFA, and re-enable MFA with your preferred authentication method.
In ChatGPT:
After logging into chatgpt.com, click on your name in the bottom-left of the page to open the menu and select Settings.
Under Security, select the Disable option under Multi-factor authentication to disable MFA.
Once MFA is disabled for your account, log out of your account.
Log back into you account with your preferred authentication method, return to Settings > Security, and select Enable MFA.
Please note that you will be prompted to use this authentication method to complete MFA setup for your account.
In the OpenAI developer platform (API):
After logging into the platform.openai.com, select Settings on the left side of the page.
Under Your profile > Security, select the “Disable MFA” button under Multi-factor authentication (MFA) to disable MFA.
Once MFA is disabled for your account, log out of your account.
Log back into you account with your preferred authentication method, return to Settings > Your profile > Security, and select Enable MFA.
Please note that you will be prompted to use this authentication method to complete MFA setup for your account.
Does enabling MFA cancel or log out any logged in sessions?
No, enabling MFA does not cancel existing logged in sessions. To cancel or log out any logged in sessions, select the Log out of all devices option in Settings -> Security.
Is it possible to enforce 2FA / MFA for an entire workspace or organization?
We do not currently support this as a workspace or organization wide setting.