Windows 11 Gets Enhanced Phishing Protection

Written by Dom Kirby

Former MSP Owner, CyberSec Practitioner, Modern Work Pro, Evangelist, Husband & Father

September 26, 2022

With the release of Windows 11 22H2, Microsoft has added Enhanced Phishing Protection to its operating system. This feature proactively warns users if they’re putting their Windows password into an insecure application (such as Notepad or Word) or on websites.

Windows login credentials are extremely valuable to threat actors, are they can often be used to access corporate resources outside of the machine itself. Combine that with a staggering lack of multifactor authentication or proper access management, and you’ve got a recipe for disaster.

“SmartScreen identifies and protects against corporate password entry on reported phishing sites or apps connecting to phishing sites, password reuse on any app or site, and passwords typed into Notepad, Wordpad, or Microsoft 365 apps,” explains Microsoft Security Product Manager Sinclaire Hamilton. “IT admins can configure for which scenarios end users see warnings through CSP/MDM or Group Policy.”

Alert displayed when entering a Windows password where you shouldn't.

Alert displayed when entering a Windows password where you shouldn’t.

It’s worth noting that, right now, this feature has some important limitations:

  • It will not function when logging in with Windows Hello (but, Windows Hello is massively powerful for preventing cred theft)
  • It is not enabled by default (check out Bleeping Computer’s guide on turning it on)

With those limitations in mind, it seems that this feature is primarily targeted at enterprise customers joined to traditional domains.

You May Also Like…

Ready. Set. (Entra) Passkey!

Ready. Set. (Entra) Passkey!

Now that Passkeys are generally available, we can start thinking of strategies to implement phishing resistant...