
Why OpenAI is disabling ChatGPT web access to fight prompt injection attacks


OpenAI has launched a new security feature for ChatGPT called Lockdown Mode, which is aimed at protecting the sensitive data of users from prompt injection attacks. The new feature limits ChatGPT’s access to the web and external services in order to cut down the risk of data exfiltration.

“Lockdown Mode is not intended for everyone. It is designed for people and organisations that handle sensitive data and want stricter protection from data exfiltration risks related to prompt injection,” OpenAI wrote on a support page.

What is Lockdown Mode?

As mentioned above, the new security feature is aimed at tackling the problem of prompt injection, a growing issue for LLMs where attackers trick AI chatbots into revealing sensitive information pertaining to the user via hidden instructions in websites, emails, images, or other documents.

On its support page, OpenAI explained that Lockdown Mode is designed to prevent the final stage of a prompt injection attack by ‘limiting outbound network requests that could transfer sensitive data to an attacker.’

The company also stated that Lockdown Mode does not prevent prompt injections from appearing in content processed by ChatGPT, meaning a prompt injection could still affect the accuracy of responses from the chatbot.

Once Lockdown Mode is enabled in ChatGPT, it restricts the chatbot’s live web browsing to cached content only. Meanwhile, Deep Research and Agent Mode are also completely cut off, and Canvas-generated code can no longer access the internet.

ChatGPT will also not display images while answering your questions, and you will not be able to use the chatbot's image-generation features while Lockdown Mode is in effect.

Lockdown Mode also cuts down access to some connectors inside ChatGPT, including shopping-agent features and the Finances feature inside the chatbot.

In terms of what doesn’t change, OpenAI says Lockdown Mode will not affect memory, file uploads, the ability to share a conversation, or whether your conversations may be used to improve models.

How to use Lockdown Mode?

OpenAI says Lockdown Mode is rolling out to all ChatGPT Free, Go, Plus, Pro and self-serve Business accounts. Once the feature is available on your account, you can check out the following method to turn it on.
