Posting here after support could only link me the “we don’t support changing phone numbers” article, which doesn’t fit my case.
The odd part: I can log in and out of ChatGPT web and Codex web (chatgpt.com/codex) repeatedly, no problem. Account ownership clearly isn’t the issue.
The phone check only triggers when authorizing the Codex client. After email + password + Authenticator MFA, I’m forced to enter a WhatsApp code sent to +44 …, a UK number that’s been permanently reclaimed and deactivated by my carrier. It no longer exists and can’t receive codes by any means.
Confirmed this blocks every client-auth path:
Codex Mac app
codex login (localhost callback)
codex login --device-auth
All three hit the same WhatsApp screen; web sign-in never does.
Why the usual answers don’t help:
Change the number — not supported, and I can’t anyway.
Delete + re-register — active paid subscription + data I need to keep, and it’d fail since the number is gone.
Asking for: an escalation to whoever can either reset/remove the phone-verification requirement on Codex client authorization, or verify my identity another way (Authenticator, billing, signup info, ID) and unlink the dead number. Case 09491223.
Anyone hit this exact split — web works, client auth forces a phone you can’t reach — and gotten it resolved? What worked?
I’m facing exactly the same issue. I’ve been searching for a solution, but so far it doesn’t seem like there’s any workaround. I can’t use Codex anymore because the phone number registered with my account is no longer active. I’m thinking about creating a new account, but that would be really painful since I have a lot of configuration already set up under the current one.
It looks like OpenAI has enabled SMS verification, but they couldn’t care less whether users can actually access their old phone numbers. They haven’t even provided an option to update them! I just relocated from India to Singapore for work, and my old Indian number was deactivated ages ago. Now I’m stuck in Singapore, completely unable to use ChatGPT to kick off my work. This is beyond frustrating!
In fact, I think the latest Codex update may have introduced an incorrect verification logic. If it were verifying the “Text message” method configured under MFA instead of the original registered phone number, this blocking issue would not occur. Could you please raise the issue to your engineer? @OpenAI_Support
@Prashant_Pardesi Could you please help solve this issue ?
BTW, my Case Number: 09516786
If any further detailed info feel free let me know.
same here, annoying as hell. I have all the security, I used my old Estonian business phone number which is not in service anymore but yet somehow it doesn’t care about my passkeys or anything else besides the sms code…
EDIT: I tried to enroll my account to the advance security which should disable sms auth but I guess it doesn’t work
This matches my case exactly, and @owallesun’s theory fits perfectly. On my account, ChatGPT web and Codex web log in fine, and my MFA (Authenticator) works — the only failure is Codex client authorization (Mac app + CLI), which forces a code to my original registered number (+44 …, permanently deactivated by the carrier) instead of honoring my configured MFA method.
I’ve already updated to the latest Codex app + CLI per the macOS signing-rotation email; no change. So if recent client auth is falling back to the original registered phone number rather than the MFA method on file, that would explain why passkeys/Authenticator are ignored and only the dead SMS/WhatsApp number is accepted. Could the engineering team check whether Codex client auth is incorrectly verifying the original registered number instead of the user’s configured MFA method? Case 09491223.
Update: as of now I can sign in to the Codex client with no verification prompt at all — it just logged in. Not sure if this was a backend fix on OpenAI’s side or something else changed, but the blocking phone-verification step is gone for me right now.
That said, the dead +44 number is still attached to my account, so I’d still appreciate the security/eng team unlinking it or replacing it with a valid MFA method, so this doesn’t resurface if my session expires or I switch devices. Case 09491223. Thanks @OpenAI_Support — and hope this resolves for @owallesun and others too.
Thanks to @wschenkai for the reminding, So nice of you. I just tried logging in to Codex again on my Linux, and the login page no longer asks me to verify the original registered phone number. Codex works now!
Also, many thanks to @OpenAI_Support. I didn’t expect the issue to be resolved so quickly.
Lastly, it would be even better if there were an option to completely update the phone number originally associated with the account. Otherwise, I’ll always be worried that one day, if phone-based login or verification becomes mandatory, I may be locked out of my account again.
Quick question for @OpenAI_Support while I have your attention: would enrolling in Advanced account security(which disables email/SMS sign-in codes in favor of passkeys) reliably stop my account from ever falling back to phone verification on that dead +44 number? I’d like a permanent fix, but I want to confirm it won’t lock me out given my registered number is dead — and that passkeys fully replace the SMS path. Case 09491223.
One thing to keep in mind is that you may be asked to verify your account again in the future. For example, if your login session or cookies expire (which can happen over time), you may need to enter a verification code sent to your phone number to regain access.
I have the same request as well — a permanent fix for this issue. @OpenAI_Support
Either Codex should completely stop using the original registered phone number for login verification and instead use the SMS method configured under MFA, or OpenAI should provide a way for users to update the original registered phone number.
It is very difficult for users to keep using your service while constantly worrying that they may be locked out of their account one day.
