Here's how the Windows 11 2022 Update protects your passwords and privacy from phishing attacks

Hp Elite Dragonfly G3 Hero
(Image credit: Windows Central)

Microsoft started shipping the Windows 11 2022 Update last week. The update includes several features, including the return of drag and drop in the Taskbar and a Live Captions feature. But the Windows 11 2022 Update isn't just about an improved user interface and accessibility, it also has a long list of security features to protect your PC and privacy. Microsoft outlined all of the security enhancements in a blog post (opens in new tab).

Bleeping Computer recently took a closer look at the Enhanced Phishing Protection feature that comes with the Windows 11 2022 Update. When enabled, the tool warns people when they've typed their password into an insecure website or application.

"Enhanced phishing protection in Microsoft Defender Smartscreen can detect and warn you when you’re entering your password into a known compromised app or website," explained Microsoft. "It also promotes good credential hygiene by warning users when they try to re-use passwords or store them in an unsafe location such as a text file."

While it's not considered a good way to store passwords, some people create a list of their login details in programs such as WordPad or Notepad. The new phishing protection features in the Windows 11 2022 Update can show a warning when a user tries to store their passwords in an unsafe place.

There are three options within the feature:

  • Warn me about malicious apps and sites
  • Warn me about password reuse
  • Warn me about unsafe password storage

In testing performed by Bleeping Computer, the feature issued warnings when trying to store passwords in several apps, including WordPad and Word 2019. The outlet did not see prompts when typing passwords into OneNote, Excel, or Notepad2. Those are surprising omissions that may be covered by the feature in the future.

As its description suggests, the option to warn a user about password reuse warns a person if they try to use their Windows password on other websites. Having the same password across multiple accounts is insecure because if an attacker manages to obtain one of your passwords, it can then access your other accounts.

The new phishing protection feature is only available through the Windows 11 2022 Update, which is rolling out gradually now.