Policy

Service Enabled

Microsoft Windows

Back to Enhanced Phishing ProtectionBack to main
Service Enabled
Jump to overview

Policy overview

Key metadata and intent for this policy.

Computer
Category
Windows Components > Windows Defender SmartScreen > Enhanced Phishing Protection
Supported on
At least Windows 11 Version 22H2

Supported OS tags: Windows11

This policy setting determines whether Enhanced Phishing Protection in Microsoft Defender SmartScreen is in audit mode or off. Users do not see notifications for any protection scenarios when Enhanced Phishing Protection in Microsoft Defender is in audit mode. Audit mode captures unsafe password entry events and sends telemetry through Microsoft Defender. If you enable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen is enabled in audit mode and your users are unable to turn it off. If you disable this policy setting, Enhanced Phishing Protection in Microsoft Defender SmartScreen is off and it will not capture events, send telemetry, or notify users. Additionally, your users are unable to turn it on. If you don’t configure this setting, users can decide whether or not they will enable Enhanced Phishing Protection in Microsoft Defender SmartScreen.

Internal name
ServiceEnabled
Policy ID
43bdc9e991f9
Elements
0

Registry values

How enabled and disabled states update the registry.

ScopeRegistry locationTypeEnabled valueDisabled valueCopy
Computer
Path
Software\Policies\Microsoft\Windows\WTDS\Components
Value name
ServiceEnabled
REG_DWORD
HKLM
1
HKLM
0
Registry location
Type REG_DWORD · Computer
Path
Software\Policies\Microsoft\Windows\WTDS\Components
Value name
ServiceEnabled
Hive
HKLM
Enabled value
1
Disabled value
0

Policy elements

Inputs and configuration options exposed by this policy.

This policy has no additional user input fields.