What Lockdown Mode Is and Why It Exists
Lockdown Mode is an optional ChatGPT security feature that restricts the model’s online capabilities to reduce the risk of prompt injection attacks and protect sensitive conversation data from being exfiltrated through hidden, malicious instructions. OpenAI describes it as a last line of defense that adds extra AI data protection on top of existing ChatGPT security features at the model and backend levels. Instead of changing how prompts are interpreted, it narrows what ChatGPT is allowed to do with the outside world. In practice, that means trading convenience for safety whenever you are working with highly confidential information. According to Engadget’s report on OpenAI’s announcement, “Lockdown Mode is not intended for everyone… It is designed for people and organizations that handle sensitive data and want stricter protection from data exfiltration risks related to prompt injection.”
Prompt Injection Attacks: The Hidden Risk in Everyday Content
Prompt injection attacks are a form of social engineering aimed at AI systems: attackers hide crafted instructions inside text, documents, or web pages that ChatGPT processes, hoping to override normal behavior and steal data or trigger unintended actions. When ChatGPT browses the web or reads uploaded content, those hidden instructions can tell it to reveal parts of your conversation history or make network requests that leak information. GadgetReview notes that a seemingly harmless PDF or cached web page can carry invisible commands that make your assistant follow an attacker’s playbook instead of yours. These attacks do not rely on breaking encryption or hacking servers; they exploit how conversational models follow instructions. That makes them hard for users to spot and a serious concern for anyone who uses AI to handle legal files, patient records, or internal business documents.
Lockdown Mode Explained: What It Blocks and What Still Works
Lockdown Mode works by cutting off the main channels prompt injection attacks can abuse. In this state, ChatGPT cannot use live web browsing, AI agents that act on your behalf, or network-connected code execution. File downloads are blocked, Deep Research is disabled, and images will not be pulled from the internet or displayed inside responses. However, you can still upload documents manually, generate images, and use core chat capabilities. OpenAI stresses that Lockdown Mode does not change memory, file uploads, sharing conversations, or whether chats may be used to improve models; those are controlled by separate settings. Importantly, this mode does not stop malicious instructions from appearing in content, but it prevents them from making outbound calls that could exfiltrate data. Think of it as putting ChatGPT in a contained environment where it can think, but cannot reach out.
Who Should Enable Lockdown Mode—and What You Give Up
Lockdown Mode is aimed at high-risk, high-sensitivity use cases rather than casual conversations. Security teams, healthcare providers, legal professionals, and anyone whose ChatGPT sessions include trade secrets or regulated data are the most likely candidates. In return for stronger AI data protection, you lose up-to-date web results, automated research across many sources, and helpful agents that could shop or book travel. Search becomes limited to cached or model-known information, and ChatGPT behaves more like an isolated assistant than a connected one. Security specialists describe this as containment, not a cure: it reduces the impact of prompt injection attacks but does not make unsafe content safe. For the most confidential material, the safest option is still to keep it out of chatbots entirely and treat Lockdown Mode as one layer in a broader security strategy.
How to Turn On Lockdown Mode and OpenAI’s Other New Controls
Lockdown Mode is available for all personal ChatGPT accounts, including the free tier, and is especially recommended for users who regularly handle sensitive data. To enable it, open Settings, go to the Safety and security or Security section, then open Advanced security and toggle Lockdown Mode on. A status message appears above the chat window, and you can temporarily disable the protection for a single conversation via the Manage option by selecting Turn off for this chat. Alongside this feature, OpenAI is releasing an active session manager that shows which devices and browsers have accessed your account and lets you log out of individual or all sessions. If you suspect unauthorized access, OpenAI advises changing your password, reviewing sign-in methods, and contacting support. Together, these controls mark a move toward more granular, user-configurable ChatGPT security features.
