How Windows Security reacts when you type Windows password in Notepad or websites with Enhanced Phishing Protection active
With this feature, you’ll never type your password on a phishing website again
2 min. read
Published on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Phishing attacks are fairly common as they allow hackers to obtain your information such as login data.
To prevent this, Microsoft has developed Enhanced Phishing Protection, and we can finally see how it works in action.
Enhanced Phishing Protection can now alert you if you type your password on unsafe websites
Many users tend to save their passwords in Notepad since it’s convenient, but this is a terrible practice since Notepad saves your passwords in plaintext format.
By doing so, anyone who has access to your PC, such as a hacker, malware, or anybody else, can find and read them.
If you happen to do that, Enhanced Phishing Protection will now inform you that it’s not safe to save passwords in this format.
This will even generate an event in the Event Log that your system administrator can later review if needed.
That’s not all, the feature will also detect if you type your Windows password to a known phishing website in any browser and give you an alert in the Defender for Endpoint portal.
By doing so, users will be prevented from sharing their passwords to domains that are associated with phishing attacks.
While this sounds great, the feature currently only works with your Windows login password.
This isn’t a major problem, especially if you have a Microsoft account and you use that account to access various Microsoft services on the web.
Since Microsoft and Google are often impersonated by scammers, a feature such as this can put an end to phishing attacks.
In other news, Duo was struck by a phishing attack, so be prepared for more phishing attacks in the future.
