Sign in with Microsoft
Sign in or create an account.
Select a different account.
You have multiple accounts
Choose the account you want to sign in with.

Enhanced Phishing Protection in Microsoft Defender SmartScreen helps protect your password from being stolen, or phished, on malicious sites and apps pretending to be safe.

If you sign into Windows 11 using a password, Enhanced Phishing Protection alerts you if you type that password into a malicious website or into an application connecting to a known malicious site. Enhanced Phishing Protection helps protect your password in four ways:

  • If you type your Microsoft account password into a site that SmartScreen finds malicious, Enhanced Phishing Protection will alert you. It will also prompt you to change your password so attackers can't gain access to your account.

  • Reusing the same password makes it easy for attackers who compromise your password to gain access to your other accounts. Enhanced Phishing Protection can warn you if you reuse your Microsoft account password on other sites or apps and prompt you to change your password.

Tip: For an engaging short story about the dangers of password reuse see Cameron learns about reusing passwords.

  • Since it's unsafe to store your password in text editors, Enhanced Phishing Protection can warn you if you type your password into Notepad or a Microsoft 365 Office application like Word or OneNote.

  • If you type your Microsoft account password into a website or app that SmartScreen finds suspicious, Enhanced Phishing Protection can automatically collect information—such as content displayed, sounds played, and application memory—from that website or app to help identify security threats.

Configure Enhanced Phishing Protection settings

You'll find Enhanced Phishing Protection's settings in the App & browser control panel of the Windows Security app. The fastest way to get to it is to follow these steps:

  1. Tap the start button and type reputation into the search box that appears

  2. Select Reputation-based protection from the search results.

Once the app is open, scroll down to Phishing protection and select the settings you want. By default, you are only protected against entering your password into malicious content.

Known Issues

  • Currently only the typed password used to sign into Windows 11 can be protected.

We're listening!

If you have any feedback or suggestions, you can share them with us in the Feedback Hub. Open the Feedback Hub app from the Start menu (or just press Windows Key + F) and when you get to the part where it asks what category your feedback is for select Security and Privacy > Microsoft Defender SmartScreen.

Learn more

Create and use strong passwords

How to go passwordless with your Microsoft Account

What is: Multifactor Authentication

Microsoft security help and learning

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Was this information helpful?

What affected your experience?
By pressing submit, your feedback will be used to improve Microsoft products and services. Your IT admin will be able to collect this data. Privacy Statement.

Thank you for your feedback!