A “login loop” means the credentials / SSO already passed OpenAI’s authentication, but the browser can’t complete the session handshake — the cookie is written, the next request can’t read it / it’s overwritten / a proxy strips it, so /api/auth/session returns empty and the UI bounces you to /auth/login. Loops are almost always browser-side, not bad credentials.
Common causes
1. Third-party cookies blocked
Most common. The session cookie set on auth.openai.com gets treated as third-party when handed back across to chatgpt.com. Chrome 2024+, Safari ITP, Firefox ETP “Strict” all do this by default.
How to judge: DevTools → Application → Cookies → chatgpt.com after login — does __Secure-next-auth.session-token exist? If no, the write was blocked.
2. Stale cookie from previous account / browser profile
Old cookie still alive — server-side dedupe drops the new login, or in-memory state shows the old user ID.
How to judge: DevTools → Application → Cookies → look for duplicate or ancient-timestamp __Secure-next-auth.* entries.
3. Privacy extension blocks the auth callback
uBlock Origin (with EasyPrivacy list), Privacy Badger, Brave Shields occasionally block auth.openai.com/u/login/callback or chatgpt.com/api/auth/callback/*.
How to judge: DevTools → Network → check if the callback request shows (blocked:other) or net::ERR_BLOCKED_BY_CLIENT.
4. VPN / residential proxy rotates exit IP each request
Cloudflare invalidates sessions that change IP mid-flight as anti-hijack. Most residential proxies (rotating IP pools) will loop.
How to judge: Turn off VPN, try again. Works = VPN was the issue. Or hit whatismyipaddress.com several times; different IPs each refresh = rotating.
5. System clock skew over a few minutes
Signed cookies (JWT) carry iat / exp. The server rejects them if your local clock is more than ~5 min ahead/behind — cookie arrives “already expired”.
How to judge: Mac → System Settings → General → Date & Time → “Set time automatically” should be ON.
6. Hosts file pinning chatgpt.com elsewhere
Rare but fatal — some corporate / school setups point chatgpt.com at an internal proxy. Cookie writes against the proxy’s internal IP, public IP can’t read it.
How to judge: Terminal cat /etc/hosts | grep -i openai (Mac/Linux) or notepad C:\Windows\System32\drivers\etc\hosts (Win).
Shortest path to fix
Do them in order; 90% resolve at Step 1 or 2.
Step 1: Triage with an Incognito window
Mac: Cmd + Shift + N (Chrome) / Cmd + Shift + N (Safari)
Win: Ctrl + Shift + NIncognito works = cookies / extensions in your regular profile (continue Steps 2-4). Incognito also loops = network / clock / system (jump to Steps 5-7).
Step 2: Nuke all OpenAI-domain cookies
DevTools (F12) → Application → Storage → Cookies, delete:
chatgpt.com all
openai.com all
auth.openai.com all
auth0.openai.com all (if present)Or Settings → Privacy → “Clear browsing data for chatgpt.com / openai.com”. Then log in.
Step 3: Allow third-party cookies
chrome://settings/cookies → Sites allowed to use third-party cookies → Add:
[*.]openai.com
[*.]chatgpt.comSafari → uncheck “Prevent cross-site tracking”. Firefox → ETP set to Standard. Details: Cookies blocked login.
Step 4: Disable extensions one at a time
chrome://extensions → turn all off → log in → re-enable one by oneOr use Incognito (extensions disabled by default) to confirm, then go back to your normal window and hunt the offender. Usual suspects: uBlock, Privacy Badger, Brave Shields, Decentraleyes, NoScript.
Step 5: Disconnect VPN / proxy
Try on your home network directly. If login succeeds, the VPN’s rotating IP was the trigger. Switch to a dedicated-IP exit; never use rotating residential pools.
Step 6: Verify system clock
Mac: Apple menu → System Settings → General → Date & Time → "Set time automatically" ON
Win: Settings → Time & language → Date & time → "Set time automatically" ON
Linux: timedatectl status, set with: sudo timedatectl set-ntp trueMost likely to drift: just came back from airplane mode, just crossed time zones, dual-boot systems.
Step 7: Check the hosts file
Terminal:
cat /etc/hosts | grep -iE 'openai|chatgpt'Non-empty output = someone redirected the domain. Delete the line (needs sudo), restart browser.
Step 8: Still failing? Check status.openai.com
Open status.openai.com → find “ChatGPT” and “Authentication”. Any non-green = OpenAI-side bug, wait it out.
Prevention
- One browser profile per ChatGPT account; don’t mix work and personal.
- Use Chrome multi-profile or Firefox container tabs if you swap accounts often.
- Choose a VPN with dedicated static IP; rotating residential is the #1 loop trigger.
- Don’t set “clear cookies on quit” for openai.com — you’ll re-trigger the loop next session.
- Always keep “set time automatically” on; remember to re-enable after travel.
- On corporate / school machines, check whether IT modified hosts or installed a TLS proxy before chasing browser fixes.
Related reading
- ChatGPT login failed
- Cookies blocked causing login failure
- Session expired repeatedly
- Blank screen after login
- Login works in one browser only
Tags: #ChatGPT #ChatGPT account #Troubleshooting #Debug #Login loop