OpenAI Lockdown Mode: ChatGPT Security Against Prompt Injection

OpenAI is introducing a new optional security feature called Lockdown Mode for eligible ChatGPT accounts. This feature aims to protect against data exfiltration risks from prompt injection attacks. Here's the thing: Lockdown Mode limits several capabilities that connect to the web or external services. This reduces the chance of sensitive data leaving the platform. What's interesting is that it doesn't stop prompt injections from appearing in content, like uploaded files. Instead, it restricts the final stage of an attack by limiting outbound network requests. When enabled, some ChatGPT features are disabled or restricted. For example, live web browsing is limited to cached content, and Deep Research and Agent Mode are unavailable. ChatGPT also cannot download files for data analysis, though users can still upload files manually. Image retrieval and display might be limited, but image uploads and generation are still supported. The bottom line: This new mode is designed for users and organizations handling sensitive information, offering an extra layer of security against potential data breaches.