What does OpenAI Lockdown Mode do?

OpenAI’s Lockdown Mode: limiting features to reduce prompt-injection risk

OpenAI has introduced Lockdown Mode, an optional security setting designed to protect users against prompt injection attacks. The central idea is that some security-relevant features are restricted, reducing the ways an attacker can manipulate how a model behaves.

Prompt injection is a threat class where malicious text (often embedded in content the user provides or asks the system to act on) can cause the assistant to ignore instructions, take unintended actions, or exfiltrate information. The risk increases when systems are able to use tools, follow instructions in content, or perform actions beyond simple chat.

What Lockdown Mode changes

• It’s positioned as advanced protection rather than a default for everyone.
• It limits certain features that could otherwise expand the attack surface.

That means Lockdown Mode is best understood as a tradeoff: more guardrails, but potentially less flexibility for workflows that rely on the restricted capabilities.

Why it matters now

AI security is moving from “general best practices” to productized controls inside the assistant itself. Lockdown Mode reflects a shift toward letting users opt into tighter boundaries when they’re handling sensitive tasks or when they suspect hostile input.

For enterprises and developers, the implication is practical: security teams can encourage stricter configurations for high-risk use cases, while standard settings remain available for lower-risk interactions.

Overall, Lockdown Mode shows how rapidly the industry is adapting to real-world exploitation patterns—especially prompt injection—by building mitigation directly into the user-facing product.