diff --git a/windows/security/book/cloud-services-protect-your-personal-information.md b/windows/security/book/cloud-services-protect-your-personal-information.md index 57e9e76802..8438a9fac2 100644 --- a/windows/security/book/cloud-services-protect-your-personal-information.md +++ b/windows/security/book/cloud-services-protect-your-personal-information.md 
@@ -13,10 +13,9 @@ ms.date: 09/06/2024 Your Microsoft Account (MSA) gives you access to Microsoft products and services with just one login, allowing you to manage everything all in one place. Keep tabs on your subscriptions and order history, update your privacy and security settings, track the health and safety of your devices, and get rewards. Everything stays with you in the cloud, across devices, and between OS ecosystems, including iOS and Android. -You can even go passwordless with your Microsoft Account by removing the password from your MSA and using the Microsoft Authenticator app on your mobile Android or iOS phone. - -- Windows Reauthentication upon updating settings for 'If you've been away, when should Windows require you to sign in again: When users seek to disable their password for unlocking when away via Windows Settings, they'll be prompted to reauthenticate with their account and password. +You can even go passwordless with your Microsoft Account by removing the password from your MSA and using the Microsoft Authenticator app on your Android or iOS device. +- Windows Reauthentication upon updating settings for **If you've been away, when should Windows require you to sign in again**. When users seek to disable their password for unlocking when away via Windows Settings, they'll be prompted to reauthenticate with their account and password. - Windows Reauthentication upon disabling password for device restarts: When users try to enable this setting, they're reauthenticated with their account and password. Upon successful authentication, the password is disabled for future device restarts. :::image type="icon" source="images/learn-more.svg" border="false"::: **Learn more:** diff --git a/windows/security/book/cloud-services-protect-your-work-information.md b/windows/security/book/cloud-services-protect-your-work-information.md index 1967d28aaf..cff7945be8 100644 --- a/windows/security/book/cloud-services-protect-your-work-information.md 
+++ b/windows/security/book/cloud-services-protect-your-work-information.md @@ -57,7 +57,7 @@ Both these features use a new [Global Secure Access client for Windows](/entra/g - [Microsoft Entra Private Access](/entra/global-secure-access/concept-private-access) - [Microsoft Entra Internet Access](/entra/global-secure-access/concept-internet-access) -## Modern device management through (MDM) +## Modern device management through MDM Windows 11 supports modern device management through mobile device management (MDM) protocols so that IT professionals can manage company security policies and business applications without compromising user privacy on corporate or employee-owned devices. With MDM solutions like Microsoft Intune[\[9\]](conclusion.md#footnote9), IT can manage Windows 11 using industry standard protocols. To simplify setup for users, management features are built directly into Windows, eliminating the need for a separate MDM client. diff --git a/windows/security/book/features-index.md b/windows/security/book/features-index.md index 4ea0833379..ce26f0ad52 100644 --- a/windows/security/book/features-index.md +++ b/windows/security/book/features-index.md @@ -7,6 +7,6 @@ ms.date: 09/06/2024 # Features index -[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)
[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)
[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)
[App containers](application-security-application-isolation.md#app-containers)
[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)
[Assigned Access and Shell Launcher (kiosk mode)](operating-system-security-system-security.md#assigned-access-and-shell-launcher-kiosk-mode)
[Attack surface reduction](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction)
[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)
[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)
[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)
[Certificates](operating-system-security-system-security.md#certificates)
[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)
[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)
[Config Refresh](operating-system-security-system-security.md#config-refresh)
[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)
[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)
[Cryptography](operating-system-security-system-security.md#cryptography)
[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)
[Device health attestation](operating-system-security-system-security.md#device-health-attestation)
[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)
[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)
[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)
[Enhanced phishing protection with Microsoft Defender SmartScreen](identity-protection-advanced-credential-protection.md#enhanced-phishing-protection-with-microsoft-defender-smartscreen)
[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)
[Enterprise State Roaming with Azure](cloud-services-protect-your-work-information.md#enterprise-state-roaming-with-azure)
[Exploit protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)
[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)
[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)
[FIDO support](identity-protection-passwordless-sign-in.md#fido-support)
[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)
[Hardware-enforced stack protection](hardware-security-silicon-assisted-security.md#hardware-enforced-stack-protection)
[Kernel Direct Memory Access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)
[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)
[MDM enrollment certificate attestation](cloud-services-protect-your-work-information.md#mdm-enrollment-certificate-attestation)
[MDM security baseline](cloud-services-protect-your-work-information.md#mdm-security-baseline)
[Microsoft Account](cloud-services-protect-your-personal-information.md#microsoft-account)
[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)
[Microsoft Azure Attestation Service](cloud-services-protect-your-work-information.md#microsoft-azure-attestation-service)
[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)
[Microsoft Defender for Endpoint](operating-system-security-virus-and-threat-protection.md#microsoft-defender-for-endpoint)
[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)
[Microsoft Entra ID](cloud-services-protect-your-work-information.md#microsoft-entra-id)
[Microsoft Intune](cloud-services-protect-your-work-information.md#microsoft-intune)
[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)
[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)
[Microsoft security baselines](cloud-services-protect-your-work-information.md#microsoft-security-baselines)
[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)
[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)
[Modern device management through (MDM)](cloud-services-protect-your-work-information.md#modern-device-management-through-mdm)
[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)
[OneDrive for work or school](cloud-services-protect-your-work-information.md#onedrive-for-work-or-school)
[OneDrive Personal Vault](cloud-services-protect-your-personal-information.md#onedrive-personal-vault)
[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)
[Passkeys](identity-protection-passwordless-sign-in.md#passkeys)
[Personal data encryption (PDE)](operating-system-security-encryption-and-data-protection.md#personal-data-encryption-pde)
[Privacy dashboard and report](privacy-controls.md#privacy-dashboard-and-report)
[Privacy resource usage](privacy-controls.md#privacy-resource-usage)
[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)
[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)
[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)
[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)
[Secured-core PC](hardware-security-silicon-assisted-security.md#secured-core-pc)
[Securing Wi-Fi connections](operating-system-security-network-security.md#securing-wi-fi-connections)
[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)
[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)
[Smart cards for Windows service](identity-protection-passwordless-sign-in.md#smart-cards-for-windows-service)
[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)
[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)
[Token protection](identity-protection-advanced-credential-protection.md#token-protection)
[Transport layer security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)
[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)
[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)
[Trusted signing](application-security-application-and-driver-control.md#trusted-signing)
[Universal Print](cloud-services-protect-your-work-information.md#universal-print)
[User Account Control](application-security-application-and-driver-control.md#user-account-control)
[User reauthentication before password disablement](cloud-services-protect-your-personal-information.md#user-reauthentication-before-password-disablement)
[VBS Key Protection](identity-protection-advanced-credential-protection.md#vbs-key-protection)
[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)
[Win32 app isolation](application-security-application-isolation.md#win32-app-isolation)
[Windows App software development kit (SDK)](security-foundation-secure-supply-chain.md#windows-app-software-development-kit-sdk)
[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)
[Windows Autopilot and zero-touch deployment](cloud-services-protect-your-work-information.md#windows-autopilot-and-zero-touch-deployment)
[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)
[Windows Firewall](operating-system-security-network-security.md#windows-firewall)
[Windows Hello biometric](identity-protection-passwordless-sign-in.md#windows-hello-biometric)
[Windows Hello for Business multi-factor unlock](identity-protection-passwordless-sign-in.md#windows-hello-for-business-multi-factor-unlock)
[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)
[Windows Hello PIN](identity-protection-passwordless-sign-in.md#windows-hello-pin)
[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)
[Windows Insider and Bug Bounty program](security-foundation-offensive-research.md#windows-insider-and-bug-bounty-program)
[Windows passwordless experience](identity-protection-passwordless-sign-in.md#windows-passwordless-experience)
[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)
[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)
[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)
[Windows security settings](operating-system-security-system-security.md#windows-security-settings)
[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)
[Windows Update for Business deployment service](cloud-services-protect-your-work-information.md#windows-update-for-business-deployment-service) +[5G and eSIM](operating-system-security-network-security.md#5g-and-esim)
[Access management and control](identity-protection-advanced-credential-protection.md#access-management-and-control)
[Account lockout policies](identity-protection-advanced-credential-protection.md#account-lockout-policies)
[App containers](application-security-application-isolation.md#app-containers)
[App Control for Business](application-security-application-and-driver-control.md#app-control-for-business)
[Assigned Access and Shell Launcher (kiosk mode)](operating-system-security-system-security.md#assigned-access-and-shell-launcher-kiosk-mode)
[Attack surface reduction](operating-system-security-virus-and-threat-protection.md#attack-surface-reduction)
[BitLocker To Go](operating-system-security-encryption-and-data-protection.md#bitlocker-to-go)
[BitLocker](operating-system-security-encryption-and-data-protection.md#bitlocker)
[Bluetooth protection](operating-system-security-network-security.md#bluetooth-protection)
[Certificates](operating-system-security-system-security.md#certificates)
[Code signing and integrity](operating-system-security-system-security.md#code-signing-and-integrity)
[Common Criteria (CC)](security-foundation-certification.md#common-criteria-cc)
[Config Refresh](operating-system-security-system-security.md#config-refresh)
[Controlled folder access](operating-system-security-virus-and-threat-protection.md#controlled-folder-access)
[Credential Guard](identity-protection-advanced-credential-protection.md#credential-guard)
[Cryptography](operating-system-security-system-security.md#cryptography)
[Device Encryption](operating-system-security-encryption-and-data-protection.md#device-encryption)
[Device health attestation](operating-system-security-system-security.md#device-health-attestation)
[Domain Name System (DNS) security](operating-system-security-network-security.md#domain-name-system-dns-security)
[Email encryption](operating-system-security-encryption-and-data-protection.md#email-encryption)
[Encrypted hard drive](operating-system-security-encryption-and-data-protection.md#encrypted-hard-drive)
[Enhanced phishing protection with Microsoft Defender SmartScreen](identity-protection-advanced-credential-protection.md#enhanced-phishing-protection-with-microsoft-defender-smartscreen)
[Enhanced Sign-in Security (ESS)](identity-protection-passwordless-sign-in.md#enhanced-sign-in-security-ess)
[Enterprise State Roaming with Azure](cloud-services-protect-your-work-information.md#enterprise-state-roaming-with-azure)
[Exploit protection](operating-system-security-virus-and-threat-protection.md#exploit-protection)
[Federal Information Processing Standard (FIPS)](security-foundation-certification.md#federal-information-processing-standard-fips)
[Federated sign-in](identity-protection-passwordless-sign-in.md#federated-sign-in)
[FIDO support](identity-protection-passwordless-sign-in.md#fido-support)
[Find my device](cloud-services-protect-your-personal-information.md#find-my-device)
[Hardware-enforced stack protection](hardware-security-silicon-assisted-security.md#hardware-enforced-stack-protection)
[Kernel Direct Memory Access (DMA) protection](hardware-security-silicon-assisted-security.md#kernel-direct-memory-access-dma-protection)
[Local Security Authority (LSA) protection](identity-protection-advanced-credential-protection.md#local-security-authority-lsa-protection)
[MDM enrollment certificate attestation](cloud-services-protect-your-work-information.md#mdm-enrollment-certificate-attestation)
[MDM security baseline](cloud-services-protect-your-work-information.md#mdm-security-baseline)
[Microsoft Account](cloud-services-protect-your-personal-information.md#microsoft-account)
[Microsoft Authenticator](identity-protection-passwordless-sign-in.md#microsoft-authenticator)
[Microsoft Azure Attestation Service](cloud-services-protect-your-work-information.md#microsoft-azure-attestation-service)
[Microsoft Defender Antivirus](operating-system-security-virus-and-threat-protection.md#microsoft-defender-antivirus)
[Microsoft Defender for Endpoint](operating-system-security-virus-and-threat-protection.md#microsoft-defender-for-endpoint)
[Microsoft Defender SmartScreen](operating-system-security-virus-and-threat-protection.md#microsoft-defender-smartscreen)
[Microsoft Entra ID](cloud-services-protect-your-work-information.md#microsoft-entra-id)
[Microsoft Intune](cloud-services-protect-your-work-information.md#microsoft-intune)
[Microsoft Offensive Research and Security Engineering](security-foundation-offensive-research.md#microsoft-offensive-research-and-security-engineering)
[Microsoft Pluton security processor](hardware-security-hardware-root-of-trust.md#microsoft-pluton-security-processor)
[Microsoft security baselines](cloud-services-protect-your-work-information.md#microsoft-security-baselines)
[Microsoft Security Development Lifecycle (SDL)](security-foundation-offensive-research.md#microsoft-security-development-lifecycle-sdl)
[Microsoft vulnerable driver blocklist](application-security-application-and-driver-control.md#microsoft-vulnerable-driver-blocklist)
[Modern device management through MDM](cloud-services-protect-your-work-information.md#modern-device-management-through-mdm)
[OneDrive for personal](cloud-services-protect-your-personal-information.md#onedrive-for-personal)
[OneDrive for work or school](cloud-services-protect-your-work-information.md#onedrive-for-work-or-school)
[OneDrive Personal Vault](cloud-services-protect-your-personal-information.md#onedrive-personal-vault)
[OneFuzz service](security-foundation-offensive-research.md#onefuzz-service)
[Passkeys](identity-protection-passwordless-sign-in.md#passkeys)
[Personal data encryption (PDE)](operating-system-security-encryption-and-data-protection.md#personal-data-encryption-pde)
[Privacy dashboard and report](privacy-controls.md#privacy-dashboard-and-report)
[Privacy resource usage](privacy-controls.md#privacy-resource-usage)
[Privacy transparency and controls](privacy-controls.md#privacy-transparency-and-controls)
[Remote Credential Guard](identity-protection-advanced-credential-protection.md#remote-credential-guard)
[Remote Wipe](cloud-services-protect-your-work-information.md#remote-wipe)
[Secured kernel](hardware-security-silicon-assisted-security.md#secured-kernel)
[Secured-core PC](hardware-security-silicon-assisted-security.md#secured-core-pc)
[Securing Wi-Fi connections](operating-system-security-network-security.md#securing-wi-fi-connections)
[Server Message Block file services](operating-system-security-network-security.md#server-message-block-file-services)
[Smart App Control](application-security-application-and-driver-control.md#smart-app-control)
[Smart cards for Windows service](identity-protection-passwordless-sign-in.md#smart-cards-for-windows-service)
[Software bill of materials (SBOM)](security-foundation-secure-supply-chain.md#software-bill-of-materials-sbom)
[Tamper protection](operating-system-security-virus-and-threat-protection.md#tamper-protection)
[Token protection](identity-protection-advanced-credential-protection.md#token-protection)
[Transport layer security (TLS)](operating-system-security-network-security.md#transport-layer-security-tls)
[Trusted Boot (Secure Boot + Measured Boot)](operating-system-security-system-security.md#trusted-boot-secure-boot--measured-boot)
[Trusted Platform Module (TPM)](hardware-security-hardware-root-of-trust.md#trusted-platform-module-tpm)
[Trusted signing](application-security-application-and-driver-control.md#trusted-signing)
[Universal Print](cloud-services-protect-your-work-information.md#universal-print)
[User Account Control](application-security-application-and-driver-control.md#user-account-control)
[User reauthentication before password disablement](cloud-services-protect-your-personal-information.md#user-reauthentication-before-password-disablement)
[VBS Key Protection](identity-protection-advanced-credential-protection.md#vbs-key-protection)
[Virtual private networks (VPN)](operating-system-security-network-security.md#virtual-private-networks-vpn)
[Win32 app isolation](application-security-application-isolation.md#win32-app-isolation)
[Windows App software development kit (SDK)](security-foundation-secure-supply-chain.md#windows-app-software-development-kit-sdk)
[Windows Autopatch](cloud-services-protect-your-work-information.md#windows-autopatch)
[Windows Autopilot and zero-touch deployment](cloud-services-protect-your-work-information.md#windows-autopilot-and-zero-touch-deployment)
[Windows diagnostic data processor configuration](privacy-controls.md#windows-diagnostic-data-processor-configuration)
[Windows Firewall](operating-system-security-network-security.md#windows-firewall)
[Windows Hello biometric](identity-protection-passwordless-sign-in.md#windows-hello-biometric)
[Windows Hello for Business multi-factor unlock](identity-protection-passwordless-sign-in.md#windows-hello-for-business-multi-factor-unlock)
[Windows Hello for Business](identity-protection-passwordless-sign-in.md#windows-hello-for-business)
[Windows Hello PIN](identity-protection-passwordless-sign-in.md#windows-hello-pin)
[Windows Hello](identity-protection-passwordless-sign-in.md#windows-hello)
[Windows Insider and Bug Bounty program](security-foundation-offensive-research.md#windows-insider-and-bug-bounty-program)
[Windows passwordless experience](identity-protection-passwordless-sign-in.md#windows-passwordless-experience)
[Windows presence sensing](identity-protection-passwordless-sign-in.md#windows-presence-sensing)
[Windows Sandbox](application-security-application-isolation.md#windows-sandbox)
[Windows security policy settings and auditing](operating-system-security-system-security.md#windows-security-policy-settings-and-auditing)
[Windows security settings](operating-system-security-system-security.md#windows-security-settings)
[Windows Subsystem for Linux (WSL)](application-security-application-isolation.md#windows-subsystem-for-linux-wsl)
[Windows Update for Business deployment service](cloud-services-protect-your-work-information.md#windows-update-for-business-deployment-service) diff --git a/windows/security/book/identity-protection.md b/windows/security/book/identity-protection.md index 92a5e1e8a6..dee9621971 100644 --- a/windows/security/book/identity-protection.md +++ b/windows/security/book/identity-protection.md 
@@ -11,6 +11,6 @@ ms.date: 09/06/2024 :::image type="content" source="images/identity-protection-on.png" alt-text="Diagram containing a list of security features." lightbox="images/identity-protection.png" border="false"::: -Today's flexible workstyles and the security of your organization depend on secure access to corporate resources, including strong identity protection. Weak or reused passwords, password spraying, social engineering, and phishing are some of the top attack vectors. In the last 12 months, we saw an average of more than 4,000 password attacks per second.11 And phishing threats have increased, making identity a continuous battleground. As Bret Arsenault, Chief Information Security Officer at Microsoft says, *Hackers don't break in, they log in.* +Today's flexible workstyles and the security of your organization depend on secure access to corporate resources, including strong identity protection. Weak or reused passwords, password spraying, social engineering, and phishing are some of the top attack vectors. In the last 12 months, we saw an average of more than 4,000 password attacks per second [\[11\]](conclusion.md#footnote11). And phishing threats have increased, making identity a continuous battleground. As Bret Arsenault, Chief Information Security Officer at Microsoft says, *Hackers don't break in, they log in.* Because threats are constantly evolving and often difficult for employees to detect, organizations need proactive protection, including effortlessly secure authentication and features that defend users in real time while they work. Windows 11 is designed with powerful identity protection from chip to cloud, keeping identities and personal and business data safe anywhere people work.
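Review bot: In cloud-services-protect-your-personal-information.md, the two reauthentication bullets now use different label styles. The changed first bullet has a bold setting name followed by a period (`**If you've been away, when should Windows require you to sign in again**.`), while the unchanged second bullet still uses a plain label and a colon (`... disabling password for device restarts:`). Apply one style to both. The hunk also drops the blank line between the "You can even go passwordless" paragraph and the list (10 lines become 9). Keep that blank line so the list renders as a list in every Markdown processor and stays visually separate from a paragraph that does not introduce it.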
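Review bot: In cloud-services-protect-your-work-information.md, the new heading `## Modern device management through MDM` still reads as a tautology, and it uses the acronym one sentence before the body expands it as "mobile device management (MDM)". If the wording is revisited, note that features-index.md links to `#modern-device-management-through-mdm`, so any further rename of the heading needs the matching anchor update in the same change.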
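Review bot: In features-index.md, the hunk header `@@ -7,6 +7,6 @@` counts only six lines per side, yet the removed and added sides each carry the whole index, so the entire list appears to be a single source line. The only visible difference is the link text `Modern device management through (MDM)` becoming `Modern device management through MDM`. Every other entry is re-emitted unchanged, which makes the diff hard to review and will do so for every future edit. Consider putting each entry on its own source line with an explicit line break, so that a one-entry change produces a one-line diff.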
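Review bot: In identity-protection.md, the new footnote link is preceded by a space (`per second [\[11\]](conclusion.md#footnote11).`), whereas the existing footnote in cloud-services-protect-your-work-information.md is attached directly to the word (`Microsoft Intune[\[9\]](conclusion.md#footnote9)`). Drop the space so footnote markers are formatted the same way across the book. While this sentence group is being touched, the unchanged clause "Chief Information Security Officer at Microsoft says" is missing the closing comma after "Microsoft".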