OpenAI Adds Lockdown Mode and Risk Labels to Strengthen ChatGPT Security

OpenAI has introduced new security features in ChatGPT aimed at protecting users and organisations from prompt-injection attacks and other high-risk interactions, as part of a broader push to strengthen AI safety controls.

The company said the update adds a Lockdown Mode that restricts ChatGPT’s ability to access external tools, browse the web, or interact with connected apps during sensitive sessions. The feature is designed for situations involving confidential data or high-risk workflows, giving users tighter control over how the AI can interact with outside systems.

OpenAI is also rolling out elevated risk labels, which flag conversations where certain capabilities—such as live web access or integrations—could increase exposure to malicious instructions. These labels are meant to provide clearer visibility into when AI responses may be influenced by external content or when additional caution is required.

"These additions build on our existing protections across the model, product, and system levels. This includes sandboxing, protections against URL-based data exfiltration⁠, monitoring and enforcement, and enterprise controls⁠ like role-based access and audit logs," OpenAI said in a blog post.

The company said the protections are intended to help users mitigate prompt-injection attacks, in which hidden or malicious instructions attempt to manipulate an AI system into revealing sensitive information or performing unintended actions.

By limiting external connections and highlighting potential risks, the new tools aim to give organisations more transparency and control over AI-driven workflows.

The features are being introduced first for enterprise, education and other organisational users, with broader availability expected over time. OpenAI said the rollout reflects a growing need for stronger safeguards as AI systems become more deeply integrated into business operations and handle increasingly sensitive data.