Overview
- Lockdown Mode, which began rolling out on Saturday, June 6, is available to logged‑in Free, Go, Plus, Pro and self‑serve ChatGPT Business accounts and can be enabled in Settings under Safety & Security.
- When turned on, the mode blocks or limits features that can make outbound network requests, including live web browsing (limited to cached content), image retrieval/display, Deep Research, Agent Mode, Canvas networking and file downloads.
- OpenAI says the setting is optional and aimed at users handling sensitive data, and it reduces the chance attackers can use connected tools to exfiltrate information but does not stop prompt injections from appearing or guarantee no data loss.
- Alongside Lockdown Mode OpenAI added an active session manager so users can view devices and remotely log out sessions, and enterprise workspace admins keep controls over memory, file uploads and conversation sharing.
- Security experts call Lockdown Mode a blunt but practical hardening step and advise pairing it with content‑level scanning—regex, secret detection and semantic similarity checks on tool outputs—to block exfiltration without wholly sacrificing agent capabilities.