Starting in Windows 11, version 22H2, Enhanced Phishing Protection in Microsoft Defender SmartScreen helps protect Microsoft school or work passwords against phishing and unsafe usage on sites and apps. We are trying out a change starting with this build where users who have enabled warning options for Windows Security under App & browser control > Reputation-based protection > Phishing protection will see a UI warning on unsafe password copy and paste, just as they currently see when they type in their password.
This actually seems like a cool and useful feature. The basic gist – which is a bit unclear from the short blurb above – seems to be that if, e.g., a child using a school account copies and pastes that school account password to use somewhere else, this feature will warn them about it. Usefulness of warning dialogs aside, I can see this being quite useful in large organisations.
While this does have merit, Id much rather see the ability (via an API) to link a 3rd party password manager into the OS. For example, having lastpass become my password manager and (like it does in the browser with a plugin) warm me if a password is insecure or reused. I say lastpass, but there are So many open source tools to accomplish the same thing.