# OpenClaw Bets on OAuth Instead of API Keys — and the Security Clock Is Running

- slug: openclaw-bets-on-oauth-instead-of-api-keys-and-the-security-clock-is-running
- date: 2026-04-24
- category: Agentics

63% of OpenClaw instances run without auth. Its new OAuth login removes the API key — but for operators who never had a login to begin with, that is not a fix. It is a new dependency.

---