OpenAI Unveils Lockdown Mode to Protect Sensitive Data from Prompt Injection

OpenAI released Lockdown Mode, a new security feature designed to protect sensitive data from prompt injection attacks by disabling live web browsing, image retrieval, deep research, and agent mode. The company acknowledged that ChatGPT remains vulnerable to prompt injections in cached content or uploaded files even with the feature enabled. Lockdown Mode is rolling out to self-serve ChatGPT Business accounts and eligible personal accounts for users handling sensitive data.

OpenAI announced https://help.openai.com/en/articles/20001061-lockdown-mode a new feature that it says will provide additional protection from prompt injection attacks, where malicious chatbot instructions are hidden in webpages and other content sources. Among other things, Lockdown Mode will disable live web browsing so you can only access cached content , the retrieval and display of images from the web you can still generate images , deep research, and agent mode. The company says that even with Lockdown Mode turned on, ChatGPT could still be vulnerable to prompt injections — which could, for example, “appear in cached web content or in an uploaded file, and could still affect the behavior or accuracy of a response.” But the goal is to reduce the likelihood that sensitive data gets shared in the process. “Lockdown Mode is not intended for everyone,” OpenAI says. “It is designed for people and organizations that handle sensitive data and want stricter protection from data exfiltration risks related to prompt injection.” The company says it’s currently rolling Lockdown Mode out to self-serve ChatGPT Business accounts, as well as eligible personal accounts.