Summary

Between 05:53 AM PDT on March 31st, 2025, and 6:00 AM PDT on April 1st, 2025, some users in certain geographies experienced login failures when attempting to access ChatGPT. The peak period of these login issues occurred between 2:15 AM and 4:15 AM PDT. The root cause was identified as automated bot protection measures triggered by our authentication vendor's security infrastructure.

Root Cause and Contributing Factors
- A sudden and significant spike in login traffic originating from some geographies triggered bot protection mechanisms at our authentication vendor, resulting in legitimate users being erroneously flagged as bots.
- This increased traffic was driven by heightened user engagement following a viral product feature launch (Imagegen).
- Due to the vendor's configuration, our internal monitoring systems lacked direct visibility into these protection measures, delaying identification and response.

Recovery
We immediately engaged with the vendor's support team and they disabled the bot protection measures causing the issue.

Preventive Measures
- Continue to transition select critical security functions from external vendor's to OpenAI's internal security systems.
- Implement enhanced monitoring and alerting on internal security systems to improve visibility and rapid response to similar issues.
- Integrate advanced user verification methods that minimize false positives and improve overall user experience.