mirror of
https://github.com/TommyTran732/Windows-Setup.git
synced 2024-11-21 15:41:45 -05:00
Compare commits
4 Commits
e014370480
...
212897255e
Author | SHA1 | Date | |
---|---|---|---|
212897255e | |||
3cec6edfe7 | |||
7de25f2b16 | |||
da8557b39a |
@ -0,0 +1,12 @@
|
||||
# Windows Defender SmartScreen
|
||||
|
||||
`Computer Configuration\Administrative Templates\Windows Components\Windows Defender SmartScreen`
|
||||
|
||||
- Enhanced Phising Protection -> Service Enabled -> Disabled
|
||||
|
||||
**For a corporate scenario or when you cannot trust the user you are configuring it for and you choose to have SmartScreen enabled, do the followings:**,
|
||||
|
||||
- Explorer -> Configure Windows Defender SmartScreen -> Enabled -> Warn and prevent bypass
|
||||
- Microsoft Edge -> Prevent bypassing Windws Defender SmartScreen prompts for sites -> Enabled
|
||||
|
||||
There is also Explorer -> Configure App Install Control that you might want to look into. Probably theatre though, it doesn't appear to block anything, or anything meaningful at least.
|
@ -45,7 +45,11 @@ Consider scenarios where you use Proton Drive/Mega/PrivateBin which append the e
|
||||
|
||||
### Phising protection
|
||||
|
||||
Not sure if this does online or offline checks, so privacy implications are unclear. It is theatre anyways - use a proper password manager and FIDO2. Best to keep it off.
|
||||
This is extremely invasive to the point where I do not think it's okay to keep it on under any circumstances, with any kind of threat model.
|
||||
|
||||
https://support.microsoft.com/en-us/topic/protect-your-microsoft-password-from-being-phished-e4e8e611-e4b3-4be9-914c-db1657c337cf
|
||||
|
||||
The protection is minimal - it only "protects" the Microsoft account used to sign into Windows. The whole exercise is theatre, use a proper password manager and FIDO2.
|
||||
|
||||
### Potentially unwanted app blocking
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user