OpenAI rolls out Lockdown Mode to curb prompt injection risks in ChatGPT
OpenAI adds a stricter ChatGPT mode for sensitive work
OpenAI has introduced a new “Lockdown Mode” for ChatGPT, a feature designed to reduce the risk of prompt injection attacks, where malicious instructions are hidden inside webpages, documents or other content sources.
The company said the mode is aimed at people and organizations handling sensitive data and wanting stronger protection against data exfiltration risks. It is not meant for everyone, OpenAI said, but for users who need tighter controls around what ChatGPT can access and how it responds.
Lockdown Mode disables several features that can widen the attack surface. Users won’t be able to use live web browsing, meaning ChatGPT can only access cached content. The mode also turns off retrieval and display of images from the web, though image generation still works. In addition, deep research and agent mode are disabled.
OpenAI cautioned that the setting is not a complete fix. Even with Lockdown Mode enabled, ChatGPT can still be vulnerable to prompt injections that appear in cached web content or uploaded files, and those could still influence the accuracy or behavior of a response. The company’s goal, it said, is to make it less likely that sensitive information is exposed during those interactions.
The rollout is starting with self-serve ChatGPT Business accounts, along with eligible personal accounts.
Prompt injection has become a growing concern for AI systems that read from the web and other external sources, because hidden instructions can alter model behavior without being obvious to the user. OpenAI’s new mode is a direct response to that risk, narrowing the tools available to ChatGPT when users want a more controlled environment.
Sources:
Read more tech news on the Doppler VPN Blog.