OpenAI Rolls Out Lockdown Mode to Protect Against Prompt Injection Attacks
Key Takeaways
- ▸Lockdown Mode disables web browsing, image retrieval from web, deep research, and agent mode to mitigate prompt injection risks
- ▸The feature targets organizations and individuals handling sensitive data, not general users
- ▸OpenAI acknowledges the feature provides risk reduction but is not foolproof against all prompt injection vectors
Summary
OpenAI announced Lockdown Mode, a new security feature designed to protect sensitive data from prompt injection attacks—where malicious instructions are hidden in webpages and other content. When enabled, the feature disables live web browsing (limiting users to cached content), image retrieval from the web, deep research capabilities, and agent mode.
The feature is specifically designed for organizations and individuals handling sensitive data who want stricter protection against data exfiltration risks. OpenAI is currently rolling out Lockdown Mode to self-serve ChatGPT Business accounts and eligible personal accounts.
The company acknowledges that Lockdown Mode is not a complete solution. Prompt injections could still appear in cached web content or uploaded files and affect ChatGPT's responses. However, the goal is to significantly reduce the likelihood that sensitive data gets exposed through these attack vectors.
- Rollout is underway for ChatGPT Business accounts and eligible personal accounts
