What is OpenAI Lockdown Mode for prompt injection?

OpenAI rolls out “Lockdown Mode” to reduce prompt-injection data theft

OpenAI has begun rolling out “Lockdown Mode” to ChatGPT, an optional security setting aimed at blocking attackers from stealing data through prompt injection attacks.

Prompt injection is a common risk in systems that accept user-provided content. In these attacks, malicious instructions are hidden in websites, documents, or other inputs so that an AI assistant follows the attacker’s guidance—potentially exposing sensitive information or extracting data the user intended to keep private.

OpenAI’s Lockdown Mode is designed to mitigate that pathway by changing how ChatGPT processes and responds when prompt-injection attempts are present. The rollout is positioned as an extra layer of protection rather than something meant for every user. The company has indicated most people do not need to use the feature, suggesting it may involve stricter handling that could reduce some capabilities or flexibility.

The feature is also reflected across multiple coverage points, including the idea that it can disable or limit certain functions when enabled, trading convenience and breadth for improved security against sophisticated prompt-injection patterns.

For users, the practical significance is that ChatGPT can be made more resistant when handling sensitive content—like confidential documents, business data, or other information that could be targeted by malicious webpages or files.

For developers and enterprise teams, Lockdown Mode provides a clearer policy control: organizations can decide when to enforce the stronger guardrails based on risk level. As LLMs increasingly integrate into workflows (email, docs, knowledge bases), the ability to selectively tighten security becomes more important.

Bottom line: Lockdown Mode is a new ChatGPT setting intended to reduce the chance that injected instructions trick the model into revealing data that should stay protected.