Information
This policy setting determines whether Enhanced Phishing Protection is in audit mode. This allows notifications to be sent to users regarding unsafe password events. Additionally, Enhanced Phishing Protection captures unsafe password entry events and sends diagnostic data through Microsoft Defender.
The recommended state for this setting is: Enabled
Note: This setting only applies to Microsoft accounts (computer or browser login) while using Microsoft Windows 11 and not on-prem domain-joined accounts.
Allowing Enhanced Phishing Protection the ability to warn users about unsafe password use could prevent phishing attempts and (credential) data loss. In addition, the Microsoft 365 Defender Portal provides valuable phishing sensor data found in the environment.
Solution
To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to Enabled :
Smart Screen\Enhanced Phishing Protection\Service Enabled
Impact:
None - this is default behavior.