OpenAI introduces Lockdown Mode to guard against prompt injection attacks
The optional security setting disables tools an adversary could use to extract sensitive data from ChatGPT
OpenAI has launched Lockdown Mode, an optional security feature designed to protect high-risk users from prompt injection attacks, in which malicious instructions hidden in external content attempt to manipulate an AI system into leaking data.
The setting is aimed at a small group of security-conscious users such as executives and security teams at prominent organisations, rather than the general ChatGPT user base, the company said.
When enabled, Lockdown Mode deterministically disables tools and capabilities that an attacker could exploit to exfiltrate sensitive information.
Web browsing, for instance, is restricted to cached content so that no live network requests leave OpenAI's controlled infrastructure.
The company said some features will be switched off entirely where it cannot offer strong guarantees of data safety.
Lockdown Mode is available now for ChatGPT Enterprise, ChatGPT Edu, ChatGPT for Healthcare and ChatGPT for Teachers, and workspace administrators can enable it by creating a new role in their settings.
OpenAI said it plans to extend the feature to consumer accounts in the coming months.
Alongside Lockdown Mode, the company is introducing a standardised "Elevated Risk" label across ChatGPT, its research tool ChatGPT Atlas and its coding agent Codex.
The label is intended to give users consistent, in-product warnings when enabling features that may increase exposure to security risks.
Related reading
- OpenAI launches open-source toolkit for social science research
- OpenAI's GPT-5.2 conjectured a physics formula that its authors later proved correct
- VfL Wolfsburg adopts ChatGPT Enterprise in drive for digital efficiency
Developers granting Codex network access, for example, will see the label on the relevant settings screen with an explanation of what changes and what new risks may apply.
OpenAI said it will remove the label from individual features once security improvements have sufficiently reduced the associated risks, and will continue to update which capabilities carry the designation over time.
The Recap
- OpenAI adds Lockdown Mode and Elevated Risk labels.
- Lockdown Mode restricts web browsing to cached content.
- Lockdown Mode will be available to consumers in coming months.
