To safeguard users from falling prey to cyberattacks, Microsoft added a new feature in Windows 11 22H2 called Enhanced Phishing Protection.
When enabled, this will warn users about entering their passwords in insecure websites and apps – which were previously flagged as harmful in some manner. This needs to be enabled initially using a Windows password.
Windows 11 Enhanced Phishing Protection
Microsoft made Windows 11 with security in mind and has been adding new features every now and then to enhance this purpose. Lately, the company rolled out Windows 11 22H2 and embedded a great feature in it – Enhanced Phishing Protection.
This, in turn, has an internal feature called SmartScreen, which “identifies and protects against corporate password entry on reported phishing sites or apps connecting to phishing sites, password reuse on any app“, says the Microsoft Security Product Manager Sinclaire Hamilton.
Apps include the general ones like Notepad, Wordpad, or Microsoft 365 apps too, where people type in passwords and forget them – becoming a rich source of hacks for attackers. Thus, to avoid them from happening, this new feature.
IT admins can configure this setting through CSP/MDM or Group Policy and set specific scenarios for end users to see warnings. Further, this new feature is only available in the Windows 11 22H2 at this time and needs a Windows password to be enabled – not the Windows Hello sign-in.
Although Phishing Protection is enabled by default in Windows 11 22H2, you should turn on the password protection feature manually, within. For this, Go to Start > Settings > Privacy & security > Windows Security > App & browser control > Reputation-based protection settings.
Here, you would see two new options labeled ‘Warn me about password reuse‘ and ‘Warn me about unsafe password storage‘ under the Phishing protection section. Enable them to secure themselves. You’ll be asked to accept a UAC prompt when enabling this option.