64.1.3 (L1) Ensure 'Notify Unsafe App' is set to 'Enabled'

Information

This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen warns users if they type their work or school passwords in Notepad, WordPad, or Microsoft 365 Office apps such as OneNote, Word, and Excel.

The recommended state for this setting is: Enabled

Note: This setting only applies to Microsoft Accounts (computer or browser login) while using Microsoft Windows 11, and not to on-premises domain-joined accounts.

Users will be warned if they store their password in Notepad or Microsoft 365 Office apps. This can help reduce the risk of security incidents, such as data theft or data loss. Storing credentials in plain text allows anyone who has authorized or unauthorized access to the system to obtain them.

Solution

To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to Enabled:

Smart Screen\Enhanced Phishing Protection\Notify Unsafe App

Impact:

Saved passwords may be detected as false positives by Microsoft.

See Also

https://workbench.cisecurity.org/benchmarks/16853

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-16, CSCv7|8.3

Plugin: Windows

Control ID: b2f38f3e4bffc3a170cdd7e2ca99dc9852cf734812d37c381e1e9dbcbfc6db58