OpenAI adds Lockdown Mode in ChatGPT to reduce prompt injection risk

In short: OpenAI has introduced a new ChatGPT setting called Lockdown Mode to help protect sensitive information from “prompt injection” attacks.

What happened

OpenAI announced Lockdown Mode, a security-focused option for people and organizations that handle sensitive data. Prompt injection is when hidden instructions are placed inside a web page, document, or other content, and the chatbot may follow those instructions without the user realizing it (like invisible sticky notes telling the assistant what to do).

When Lockdown Mode is turned on, ChatGPT limits several features that could increase risk. OpenAI says it disables live web browsing, meaning ChatGPT will only use cached content (saved copies, like looking at a screenshot instead of the live page). It also blocks pulling and showing images from the web, although users can still generate images.

Lockdown Mode also turns off “deep research” and “agent mode.” These features can involve the system doing more multi-step work across different sources, which can create more chances for hidden instructions to interfere.

OpenAI says Lockdown Mode is not meant for everyone. It is being rolled out to self-serve ChatGPT Business accounts and to eligible personal accounts.

Why it matters

More people are using chatbots at work with contracts, customer data, and internal plans. Lockdown Mode is meant to lower the chance that a chatbot accidentally shares or exposes that information while reading outside content. OpenAI also notes it is not a perfect shield, since prompt injections could still appear in cached pages or uploaded files, but the goal is to make data leaks less likely.

Source: TechCrunch AI