OpenAI has begun rolling out Lockdown Mode for personal ChatGPT accounts, an optional security setting designed to mitigate prompt injection attacks. Initially introduced for enterprise plans in February, the feature is now available to Free, Go, Plus, Pro, and self-serve Business users through the Safety and security settings.
Understanding Prompt Injection
Prompt injection is a form of social engineering targeting chatbots. Attackers embed malicious instructions within webpages, documents, or other content that an AI might process, hoping the model follows those instructions instead of the user's commands. OpenAI positions Lockdown Mode as a last line of defense rather than a complete solution. The company emphasizes that the mode does not prevent prompt injections from appearing in content ChatGPT processes; it simply makes it more difficult for attackers to extract sensitive information.
Trade-offs for Enhanced Security
The trade-off is designed for users who handle valuable data. Enabling Lockdown Mode restricts ChatGPT's interactions with the external world. Live web browsing is limited to cached content, Deep Research and Agent Mode are completely disabled, file downloads are blocked, and the chatbot stops fetching or displaying web images in responses. However, image generation and manual file uploads continue to work, and memory remains unaffected. Users can also temporarily disable Lockdown Mode for a single chat session via the status banner above the composer when a task requires the full feature set.
Additional Security Tool
Alongside Lockdown Mode, OpenAI is introducing an active session manager that lists all devices and browsers signed into a user's account. Users can log those sessions out individually or all at once, though the bulk action may take up to 30 minutes to take effect. OpenAI clarifies that Lockdown Mode is not intended for everyone; it is built for executives, security teams, and anyone whose ChatGPT conversations contain sensitive information worth protecting.



