ChatGPT May Not Be As Secure As You Think

Recent headlines have shown that ChatGPT’s privacy and security measures are… well, pretty bad.

The problems started when ChatGPT user Chase Whiteside noticed unrecognized logs in his chat history. The initial theory was that these chat entries belonged to other users who were somehow placed in the wrong account by ChatGPT, raising fears that chat logs or other personal information might be leaked due to an alleged bug. However, OpenAI, the company behind ChatGPT, investigated the issue and discovered that someone else had hacked Whiteside’s account, meaning that the unexpected logs were from a hacker using ChatGPT with Whiteside’s username and were not the result of a bug leaking history chat with other people.

While OpenAI’s investigation suggests that ChatGPT will not accidentally share your chat logs or personal data with other users, it still highlights a serious issue with the service’s account security. Or, more precisely, the lack thereof.

Non-existent ChatGPT account security settings

Most websites, apps, or services you log into offer security measures designed to prevent hackers or bots from gaining access to your account. The most common are two-factor authentication based on text messages or email, or the more secure two-factor authentication (2FA), which uses pre-generated login codes or additional apps to verify login. They will also send text messages, emails and/or push notifications to your devices whenever you (or someone else) tries to log in, alerting you to possible account hacks.

While 2FA is more effective than two-step verification at preventing accounts from being hacked, they are both more secure than using a password alone. Unfortunately, ChatGPT offers neither, so someone was able to hack Whiteside’s account, although Whiteside claims his password was a nine-character string consisting of “upper and lowercase letters and special characters.”

To be fair, Whitefield says his ChatGPT password was also linked to his Microsoft account, which is one of the biggest login security mistakes you can make: if one account is compromised, others using the same login information are too. are at risk. However, it is possible that the hacker never knew the password and simply hacked into Whiteside’s account.

Whatever method a hacker uses to break into Whiteside’s account, the fact is that you also need secondary lines of defense against data leaks, phishing attacks, spyware, social engineering, and password cracking software that hackers can use to steal logins . That’s why a strong and unique password is just one part of your online security checklist.

How to keep your ChatGPT account and data secure

While it is unlikely that someone will hack your ChatGPT account, it is entirely possible. If this is a deal breaker, the safest option is not to use an AI chatbot at all. Luckily, ChatGPT is free to use and doesn’t require you to hand over sensitive personal or financial data, so there’s little incentive to hack someone’s account. However, if you are going to use ChatGPT, you should still make an effort to keep your account secure.

  • Normally, enabling settings like 2FA is our first recommendation for setting up your login security, but since ChatGPT doesn’t offer such options, the best you can do for now is to make your username and password as secure as possible. Do not use your Google, Microsoft or Apple account to log into ChatGPT. This is convenient, but it ties your data from other services to ChatGPT, making it easier for someone to hack those other accounts. Create a new dedicated ChatGPT account with your own username and password that you don’t use anywhere else, and make sure the password is strong. Yes, and it would be wise to change your ChatGPT password regularly.

  • To reduce the chance of someone stealing your personal information if your account is hacked, do not include any personal information or sensitive data in your ChatGPT queries or searches.

  • Finally, keep an eye on your chat history. If you notice new entries that you don’t recognize, be sure to report the issue to the official OpenAI email address [email protected] and then update your password immediately.

More…

Leave a Reply