Enhanced Phishing protection in Windows 11
Windows 11 comes with an advanced feature of enhanced protection. When users type their passwords in insecure applications this feature warns them. Typing passwords in spreadsheets, word processor, and text editor are enough for attackers to steal the passwords and get access to the important data.
According to Sinclaire Hamilton Security Product Manager at Microsoft, SmartScreen recognizes applications that are connected to phishing websites and alert the users. These applications are normally WordPad, Microsoft 365, and notepad which are insecure applications, and it’s easy for attackers to hack data even if users have not submitted the data on the websites. The advanced feature helps users to protect themselves from attackers.
This enhanced phishing protection feature sends alerts to the users through CSP/MDM or group policy. This feature is available in windows 11 only. One has to login in using their windows password rather than through Window hello. If one will use a pin to log in then they will not be able to use this feature. When the user will log in using a window password this feature will give alerts for removing passwords from all insecure applications. If one has entered a password on any insecure website, then this application will inform the user to change the password.
Enhanced phishing protection features will be enabled by default, but one must enable all the options to protect passwords.
This is an outstanding feature for users to protect their passwords from attackers. One should enable it to get protection against phishing websites. There is a need for improvement in this feature as this feature doesn’t support many applications and browsers. When this security feature was tested it was not supporting Mozilla Firefox, Microsoft Excel, and many other applications and browsers. Microsoft has to work more to improve this feature.