OpenAI has introduced Lockdown Mode, a new optional security setting for ChatGPT designed to mitigate data exfiltration risks associated with prompt injection attacks.
Lockdown Mode is an optional security setting that limits tools and capabilities connecting to the web or external services.
Available to all logged-in users—including those on Free, Go, Plus, Pro, and self-serve ChatGPT Business plans—this feature represents a significant step in user data protection.
How It Works
Lockdown Mode restricts outbound network requests to prevent data from being sent to external URLs. While it does not prevent prompt injections entirely, it substantially reduces the pathways available for data loss.
Features Disabled in Lockdown Mode
- Live web browsing (limited to cached content only)
- Image display and retrieval from the web
- Deep research capabilities
- Agent mode functionality
- Canvas-generated code network access
- File downloads for data analysis
Important Limitations
- Lockdown Mode cannot be used simultaneously with Developer Mode.
- The mode reduces risk but does not guarantee prevention of data exfiltration. Remaining risks include enabled apps, unforeseen capability combinations, or novel attack techniques.
- The mode does not stop other prompt injection effects, such as incorrect answers generated from malicious instructions found in uploaded files.
Additional Account Management Update
In a related update, OpenAI also released a new account management feature. Users can now review active ChatGPT sessions and log out of individual or all sessions directly from their account settings.
Session information now includes: device type, app used, approximate location, sign-in date and time, trusted status, and a current session indicator.