Windows 11 Enhanced Phishing Protection Now Detects Copy and Paste of Passwords

Microsoft's Windows 11 Enhanced Phishing Protection now detects copy and paste of passwords and unsafe password reuse.


is one of the most common and dangerous that can compromise your personal and financial information. To help users avoid falling victim to phishing, has announced improvements to its Enhanced Phishing Protection service, which was launched last year with Windows 11 22H2.

Windows 11 Enhanced Phishing Protection is a cloud-based service that uses artificial intelligence and to analyze web pages and detect phishing indicators, such as misleading URLs, fake login forms, or spoofed logos.

The service works with Microsoft Edge, the default browser for Windows 11, and can protect users from phishing attacks across different apps and platforms. Microsoft is continuing to enhance the phishing protection features in Windows 11.

New Improvements for Enhanced Phishing Protection

There are two main improvements Microsoft is making to Enhanced Phishing Protection:

  • Detection of copy and paste of Windows passwords:┬áThis new feature will warn users if they try to copy and paste their Windows password into a website or document that is known to be malicious.
  • Detection of unsafe password reuse:┬áThis new feature will warn users if they try to use a password that has been reused on multiple websites.

These new features are part of Microsoft's Enhanced Phishing Protection, which is a cloud-based service that uses machine learning to identify and block phishing attacks. Enhanced Phishing Protection is enabled by default in Windows 11, and it can be configured through the Windows Security app. The improvements are currently in preview via Windows 11 Insider Dev build 23506.

Phishing is a common cyberattack technique that involves sending fraudulent emails or messages that appear to come from legitimate sources, such as banks, government agencies, or trusted contacts. The goal of phishing is to trick the recipients into clicking on malicious links or attachments, or providing sensitive information, such as passwords, credit card numbers, or personal details.

According to Microsoft, phishing is one of the most prevalent and persistent threats facing organizations and individuals today. In 2020, Microsoft detected over 8 million phishing attempts per day across its platforms and services. Phishing is also the main entry point for ransomware attacks, which have increased in frequency and severity in recent years.