Technology in terms you understand. Sign up for my weekly newsletter, "Confident Computing", for more solutions you can use to make your life easier. Click here.

One Change You Should Make to Windows File Explorer Right Now to Stay Safer

The vast majority of Windows default settings boil down to a matter of personal preference.

Over the years, as I’ve installed Windows over and over again on new machines, test machines, and more, I’ve slowly adapted to simply accepting the default settings rather than re-applying a large number of customizations every time.

There’s one setting that I and many other security-conscious folks feel that Microsoft simply got wrong. It’s a setting that you should probably change right away.

You don’t want Windows Explorer to “Hide extensions for known file types”.

Become a Patron of Ask Leo! and go ad-free!

This is WINDOWS Explorer

Important: I’m hearing from a lot of people who aren’t finding this setting in Internet Explorer.

That’s correct. It’s not in Internet Explorer.

The program this applies to is Windows Explorer, also known as File Explorer in Windows 8 & 10.

Follow the instructions that follow to run Windows File Explorer.

Changing the setting

Run Windows Explorer – Windows Key + E will do, or right-click the Windows 7 start orb and click Open Windows Explorer, or run File Explorer in Windows 8 & 10.

If the menu bar is not visible, press and release the ALT key on your keyboard to make it appear.

Windows Explorer Tools menu

Click Tools and then Folder Options…:

Windows Explorer Hide extensions for known file types

(In Windows 8 File Explorer there is no Tools menu. Instead click on the View menu, Options, Change folder and search options to get here.)

Click the View tab.

Make sure that Hide extensions for known file types is NOT checked. By default, it is.

Why this is so important

An extension is the end-part of a filename, from the last period onward. For example, in picture.jpg, the extension is .jpg. For resume.doc, the extension is .doc.

File extensions tell Windows what to do with a file when you double-click it (among other things). For example, when you double-click picture.jpg, the file extension tells Windows that it should open up your image viewing program. For resume.doc, it would indicate that a document editing program be run.

At any point in time, Windows “knows about” many different file extensions, depending on the applications that you have installed.

“Hide extensions for known file types” causes Windows Explorer to hide – not display – the file extension portion of the filename.

For example, here’s example.doc with Hide extensions for known file types unchecked:

File with extension shown
And in the default case, with it checked:

File with extension hidden
You can see that the .doc is not displayed. The Type column shows what type of file Windows thinks it is, but the actual extension is hidden from view.

Now, let’s use a more sinister example.

example.doc.exe

When a file with that name is shown using Windows default settings to hide the file extension, it looks like this:

Windows Explorer displaying a filename in a misleading way
What shows is “example.doc”, even though the filename is really “example.doc.exe”.

You might be tempted to think it’s a .doc file, even though it’s not. It’s a .exe file. The Type column shows the correct type – Application – but the display looks like it’s a .doc file.

The malicious scenario works like this:

  • You receive an attachment or download a file named something.doc.exe.
  • You view that file in Windows Explorer and see only something.doc.
  • Seeing this, you believe that it’s a document and double-click the file to open it.
  • Because the real filename is something.doc.exe, it’s an application and Windows treats it like a program and runs it.
  • Then, the program installs malware on your machine.

The best way to prevent this? Don’t “Hide extensions for known file types”.

Attempted malicious file revealed for what it is
That way, the file is revealed for what it truly is.

87 comments on “One Change You Should Make to Windows File Explorer Right Now to Stay Safer”

  1. haha always the first thing I do when I go onto a new/different computer! 😀 I don’t understand the logic in having them hidden to be honest

  2. This is the first thing I change when I am setting up a new Windows computer, even before installing antivirus.
    I agree it’s a mistake on Microsoft’s part.

  3. I always make this change, along with ‘show full path’ or whatever that option is called.
    Every time Microsoft “improve” Windows to another version, they hide yet more stuff from the average user. Gone are the days where you can open a folder, and what you see is actually what is there.
    It’s the reason more and more computer users have to turn to places like this (which I heartily recommend to my less-than-tech-savvy friends btw).

  4. Yes, as above I did this when I bought my new laptop. I noticed very quicky that the file type was missing. I was used to seeing it.

  5. Leo, I am running Internet Explorer 9. Trying to allow displaying file extensions. The problem I have is when I press the alt key and click “Tools” there is no “Folder Options”.

    This article is about Windows Explorer, not Internet Explorer.

    Leo
    17-Jan-2012
  6. I always do this on my machines and any customers. Why make life difficult. For good measure make sure that “display full path in title bar” and “display full path in address bar” are also ticked, that way you get to see name, size, type and date modified as well.

  7. Leo: I’ve subscribed to your newsletter for at least 10 years, which tells you how much I like it. I just want to say that you are absotively, posilutely right about the default “hide file extensions”. File extensions mean nothing to computer-illiterate users, but I provide tech support to a gaggle of friends and paying clients. The first thing I have to do the first time I get my hands on their computer is CHANGE THAT DEFAULT! M$ should make the default “show all extensions”. It would make no difference to users who don’t know what they mean, and all the difference to the people who have to fix their screwed-up computers.

  8. Harry, in IE9 don’t open IE. Instead open “control panel” there you will find “folder options”. Click it, then click the tab “view”. Then you will be where you need to be.

  9. One thing that always bugs me about this option and its “Hide …” friends is the fact that they’re logically inverted checkboxed. Instead of the option being “Show extensions for known file types” (and sure, if Microsoft still wants, making it unchecked by default), it’s all bass-ackwards!

    As far as the option’s existence, if memory serves, this hearkens back to good old windows 98 (or was it a bit later? Certainly no later than win2k), when Microsoft were trying several different “novel” approaches to handling browsing your own computer (among them was the single-click browsing method — hover for a sec to highlight; we know how that one worked out!).

    To the best of my understanding, the idea was that one would use the icon or the long description (either from the Details view or from the tooltip) to obtain a friendly version of the same information you got from knowing the extension (i.e. that you’re looking at an application, or an image, or a Word document). Unfortunately, two things worked against this: firstly, the icon and long description might not be there, so you’d get a generic “unknown object” icon and the description “Unknown EXT file”… which was no better than showing the extension in the first place; and secondly, malicious third parties could fake these more or less effectively. One can attack all users of Irfanview by using its image icon for a malicious .jpg.exe, and I’m fairly certain the description also gets pulled out of the .exe’s metadata, when available.

    Worst of all, of course, there would be multiple long-winded ways of referring to the same thing (I call mine “Irfanview JPEG image”, you call yours “ACDSee Joint Photographic Experts Group Image”, but they’re both the same .jpg we all know and love). It was a solution looking for a problem from the get-go, and that’s normally fine if it gets reverted after a version or hotfix or such.

    I’m not sure why the default is still to hide the extensions, but I suspect it’s that someone keeps wanting to change it and gives up whenever they have to run that past a review board (of Mac users).

  10. This is one of the many excellent articles by Ask Leo. I have encountered many situations where I noticed a message saying ‘file download complete’. A download of some ‘anti various software would have been allowed subconsciously and out of ignorance. Thank you Ask Leo!!!

  11. Leo, you are soooo right on! I’ve been displaying file extensions for ages and recommend to my clients they do the same. It makes life much easier indeed. Thanks for your excellent work and outreach.
    {URL removed}

  12. Harry, Open the Control Panel and click Tools.
    Folder Options should be there.
    Then click View and uncheck ” Hide…………..

  13. I would prefer some kind of user option to hide specific file types, like jpg, Mp3, avi or any files I constantly work with and rename. It is cumbersome and often time wasting to have to remember to add the file extensions to these often modified file types.

  14. Besides the very real and malicious possibilities, there’s also the simply inconvenient ones. In a single folder I might have several files of the exact same name, only with different extensions. If I’m working on a video file, it may be abc.mpg. When I create a still image from it, it may be abc.jpg. I may even create a text file with info called abc.txt. So, with at least 3 files, ALL named abc, WHICH one do I want to pull up? I need the extension to identify it. So, WHY name them all the same? Because all of them are the SAME project.

  15. @Harry
    This article is talking about Windows Explorer which pops up when you open My Computer or My Documents etc. not Internet Explorer.
    According to the article:
    “[To] Run Windows Explorer – Windows Key + E will do, or right-click the Windows 7 start orb and click Open Windows Explorer.”

  16. Years ago, when I first discovered a file being shown without an extension, I wondered what it was and went looking and discovered how to show extensions. I often had files with the same name except for extenstions. This was how I kept project files together that had Word, Excel, Powerpoint etc.

  17. If you uncheck “Hide extensions to known file types”, could that not cause problems when renaming files? It would be easy to accidentally delete the file extension and replace it with an incorrect one.

  18. @Dirgster
    That is a possibility, but Windows warns you if you are changing an extension and lets you opt out of renaming it, and if you do accidentally rename an extension, you can rename it back to the correct extension.

  19. That this default behavior was not changed when Windows 7 was released, tells me there is no one home at Microsoft. I completely agree with Leo, this option is a bad guys best friend.

  20. The process you suggested for reaching Folder Options did not work for me on Windows 7 but
    left clicking on start and typing ‘Folder Options’ into the Search programs and Files did.

  21. Phew, I’ve always unchecked this just because I wanted to be sure what type of file it was; I must admit I’d never thought of the safety aspect though.

    Good one, Leo

  22. ‘Folder options’ not showing under tools in Windows 8?

    Windows 8 has not been released. The beta version that might be out there is certain to have bugs. I won’t be addressing Win 8 until it’s released officially.

    Leo
    18-Jan-2012
  23. Thanks Leo, i was wondering why there where not any file extensions, i must admit i have looked at it in the past and wondered about it.
    Thanks for clearing that up Leo. Kind regards
    Dennis.

  24. Spot on Leo been doing this for ever even if for slightly different reasons, but I came across the scenario you just described a couple of years ago and since then my resolve to see ALL file extensions strengthened.

    Thanks for bringing this to everyone’s attention

  25. Way to Go Leo!
    In all the years of using Windows, I thought I was an odd-ball to do this. I have always set my windows up this way. I did this so I could see the extensions. Thank you for pointing out the security reasons.

  26. Leo, as an IT person I always set my personal computer to show file extensions, however I no longer do so for clients. My client base is mostly people with very limited computer knowledge and I’ve found that setting their computer to show file extensions is asking for trouble as they rename files and always seem to wipe out the extension. I’ve tried to educate them with limited success. Also, Windows warns them, but it’s just another screen they won’t read. I finally gave up and now make sure that file extensions, as well as system files and folders, remain hidden.

  27. I always have extensions shown. It avoids the possibility of expecting a jpg and having an exe file run and destroy your machine by surprise.

    Though I sympathize with the guy who has clients who change the extension and mess things up, I think I’d prefer that to having them trash their PCs.

  28. Thanks, Leo! I have an Entourage Pocket Edge Dual Book continually in need of tweaks that use .zip files. Instinct told me to rename these downloaded zipped files with just a name (because the .zip extension was added automatically). If I hadn’t done this, the file would have been “update.zip.zip” and would have seriously messed up this spruce-goose of a dualbook. The weird thing is that I didn’t get one of those typical Windows messages warning me that “if you change the file extension, the program may become unstable.” Still can’t figure that one out. But thanks, loads, for this information. Takes me back to the good old days of Windows 3.1 🙂

  29. Another reason to show file extensions is the ‘sort’ feature. You can sort by extension [or file type] to make it easier to find pictures, audio files, etc,

  30. For 2 reasons I hide the known file extensions; if a file extension appears I know there is something to be careful with. Checking the properties tells all. Secondly, often by renaming a file the extension gets lost. I know what I did if that should happen but my office staff often don’t.

  31. Brilliant, Leo – learning all the time. Clearly I have a long way to go; pity there aren’t many years left. Cheers, Les A.

  32. As with Ron Barker I do not have ‘folder options’
    but I am using Explorer 8. Please clarify.

    Windows 8 has not been officially released. The beta version that might be out there is certain to have bugs. I won’t be addressing Win 8 until it’s released officially.

    Leo
    18-Jan-2012
  33. To those who remind me that it is Windows Explorer Leo is referring to – why then does IE8’s heading read “Windows Internet Explorer”. No wonder Ron Barker, myself and others have made this comment and no wonder MS has the ability to confuse and to make normally intelligent people feel foolish. Too clever by far or does the adage KISS (‘keep it simple stupid’) no longer apply in this technorati (sic) world?

    Because it’s Internet Explorer for Windows. There’s no questioning, though, that Microsoft is exceptionally poor at naming things and has a long history of confusing and missleading names. Outlook/Outlook Express (which are unrelated), and Windows Live/Windows Live Mail/Windows Live Hotmail (3 different things) both come to mind. There’s more.

    Leo
    18-Jan-2012
  34. I have Internet Explorer 9, it does not show the folder view that you speak of

    We’re talking about Windows Explorer, not Internet Explorer.

    Leo
    18-Jan-2012
  35. Sorry I replied saying that I had read the article, there is a difference between looking at and reading it. Sorry to have wasted your time. I have done it in WINDOWS EXPLORER not in Internet Explorer

  36. Wizzo, Leo..! I was already doing this – but just ‘cos I want to see all info about the files. Did not figure the sinister implications – thanks for doing so.. 🙂

  37. Dear Leo,

    Dahhhhhhh!!!!!!!

    And your supposed to be an expert regarding Windows?

    I’ve been changing the “Hide known file extensions” for so many years that I really can’t remember when I began doing so. From my perspective, failing to do so is roughly equivalent to taking a loaded gun, with all the lights off in your house, and firing upon any sound your hear.

    Ooops!!! That was my two kids and wife I just killed. Sorry about that, but I promise you a really splendid funeral, even though I might not be able to attend because I will be locked behind jail-bars with shackles on my feet and hands, along with a wide piece of duct tape covering my mouth.

    Of course, if your specialty is shooting in the dark at UN-identified people, I strongly suggest that you apply that same philosophy when allowing Windows to remain in the default position of NOT identifying files with supposedly “known” file types.

    So the only real question that I have for you is this: What caliber of bullets should I send you as a gift?

    As one of my old college professors used to frequently state preceding certain paragrpaghs he made, he would always proceed it with the phrase: “And as any fool can plainly see…”

    Unless your purpose is to create a new book entitled “The Computer Idiots Bible”, I would strongly suggest that you spend a bit more time on this topic, including some of the other options available to Windows Users.

    Up until this time, I have diligently saved many years worth of your commentaries in a special folder labeled “Ask Leo.” With this latest quip, I wonder how you could not have possibly “stumbled” upon the obvious.

    But as I point out to my friends, I have very limited computer experience, having only written my first computer program back in 1965, and having purchased an IBM Pc with a serial number that was numbered less than 1,000.

    So what do I know???

    Aloha from the Big Island Of Hawaii,
    Glenn P. Ordell

  38. Thank you for alerting me to this, I have just changed my settings – I believe that this may well explain some of the ‘oddities’ that I have experienced.

    Having read some of the other comments I ask the question: “How do you know ABOUT something if you do not know OF something?” Please never assume that people know, ask them and check – then we will all know.

    Thank you Leo.

  39. Interesting article & thanks Leo.
    This one really does seem to divide the “techies” from the non-tech folks & the people that feel compelled to bloviate as to their purported knowledge levels.
    The rub (seems to me anyways) is to figure out how to train users to not race past warning & dialog boxes which should pop up for valid reasons.
    Keep up the good work & take care.

  40. I can’t get over the ‘Duhh’ commentary. I guess that commentator believes that everybody is as an erudite learner as he is. People should remember that since they have known something for years, it does not mean that others also have the same knowledge. I just came across someone that has been using computers for a long time, and is very knowledgeable, that did not know that right clicking on the Windows start button would allow one to open Windows Explorer. Oh wait – I know – the commentator must be the IT guy from SNL! You were very funny on that show!

  41. I have Windows XP (not 7) and IE 8 and do not have the same options shown. How can I make this change?

    It’s almost exactly the same as outlined in the article. Remember that we’re talking Windows Explorer here, not Internet Explorer.

    Leo
    18-Jan-2012
  42. Thank you Leo, I am a Senior and I appreciate
    this information on Windows Explorer being explained so clearly. Thank your for all you do for us here.

  43. @Terri
    An easy way to get to it in XP is to open My Computer
    [shortcut is Windows Key+e]
    In the toolbar mouse over Tools and click > Folder Options
    Select the > View Tab
    and then uncheck “Hide extensions for known file types.”

  44. To Glenn P. Ordell –
    If you can’t say anything intelligent, just keep your comments to yourself. You must have much anger inside of you.

  45. Thank you, Leo. This is the first time I’ve read one of your e-mails and actually followed up on it! Agree that your explanation was very easy to understand and execute. Been reading and enjoying your emails for quite awhile now. Thanks and keep up the good work.

  46. Thanks for the Tip Leo.Awesome advice.I will Pay more attention to future emails from you,and will always pass on the Goodwill.

    Take Care;
    Gregory D.Frampton

  47. Thank you Leo for writing once again about something many of us just do not realize needs to be changed.

    Do you recommend the other changes mentioned by previous posters? “display full path in title bar” and “display full path in address bar” are also checked”

    I have learned a lot about my computer from this site together with the site of the “other guy” Ask Bob Rankin. You both write in a way that non geeks can understand. Thank you, and please keep up the good work.

    I’d leave those setting to your discretion. I don’t want Windows to hide anything from me, but that may simply add confusion for those who may not know what it is they’re looking at.

    Leo
    19-Jan-2012
  48. Yes, this is the exact truth. I do not know why Windows dev team did not include this as default setting in WE, but actually it is the virus possible entrance. I accidentally noticed that issue 3 years ago.
    Personally, I don’t like extensions to be hidden, so I turn them ON every time I (re)install my WinOS.
    Anyway, thank you very much for this, Mr.Leo, because now I’m certain now that I did it right.

  49. Very good advice. Followed the instructions and found it unchecked. Also on the same page is an option to “Apply to all folders” and “Reset all folders” do you check one of these or let sleeping dogs lie.

  50. My Explorer on a new Windows 7 computer does NOT have “Hide extensions for known file types” under Tools. Did they correct this problem?

    Also, either show the Free Newsletter only once or at least have the option to close each one to eliminate seeing them. When I print your articles, these many Free Newsletter displays hide words inh the article, and prevent the words from printing properly!

    Make sure it’s Windows Explorer, and that’s Tools, Folder Options, View and then Hide known extensions. Sorry about the printing, it’s not supposed to print that at all. I’ll try and fix that soon.

    Leo
    21-Jan-2012
  51. When i get to Windows Explorer – it doesn’t show tools at the top like yours did. I don’t know where
    to find it. I have Windows 7. I always appreciate
    the advice you share.

  52. @Carolyn
    You’re not the only one confused by this! For some reason the programmers decided to hide it. The tool bar comes back very easily, however if you press and hold the alt key for a second.

  53. You claim above:

    You receive an attachment or download a file named something.doc.exe.

    You view that file in Windows Explorer and see only something.doc.
    MY QUESTION IS: How do I view the file attachment in an email in Windows Explorer?

    You would have saved it to disk from the email in which you recieved it.

    Leo
    22-Jan-2012
  54. Right at the start of this article you refer to the problem of having to re-apply a large number of customizations every time you get a new computer. Is there not some way that the current set of customisations can be saved and then transferred to another computer? Or at least to record and save the information in a document so it can easily be re-applied to the new machine? I’d have thought that would be a productive exercise for some enthusiastic programmer.

    It’s possible that tools like PC-Mover might do so, but particularly when upgrading from one version to another, or switching between editions (Home/Pro/Ultimate) not all customizations even apply. I just find it easier in general to live with as many defaults as I can.

    Leo
    31-Jan-2012
  55. When I was working, I had projects to do and I named the project files by the project name and only the extensions told me what program created the file. This was very useful in that I didn’t require a folder for each project.

    The viewing of extensions I found to be an essential tool.

  56. I understand the trade-off between setting up a new or rebuilt system with great custom tweaks and getting the computer into the user’s hands. You do a great job explaining all the pertinent details for this seccurity hole.

    The file icons are supposed to indicate what kind of file it is, but in List or Details View the icon may be too small to be meaningful.

    I strongly support the reasoning that the default should be to show the extension. But, then, I’m just another techie!

  57. And another +1 to show extensions.
    Recently got a spam email message with an obvious virus attachment. The attachment was ‘invoice.pdf.exe’ – like the example above. But even more insidious was, when saved to disk it had a Adobe Reader *icon*. Without file extensions shown it would appear as invoice.pdf with a Adobe reader icon to further trick the unwary.

  58. I’ve used this setting for years. Just remember when you do this if you rename a file, leave the extension or it will change.

  59. > when Microsoft were trying several different “novel” approaches
    > to handling browsing your own computer (among them was the
    > single-click browsing method — hover for a sec to highlight; we
    > know how that one worked out!)

    I’ve no idea what this is supposed to mean. I’ve been using what you call the “single-click browsing method” for years and years and I’m about as tech-savvy as they come, in the 95th percentile or higher for sure. It’s nothing but advantages ( no I won’t list them all ) with no disadvantages. “We all know how that turned out”? I seriously do not even have a _clue_ what you’re talking about .

  60. My Windows 10 File Explorer does show the menu bar, but it does not have a Tools option. If I click File – Change folder and search options – view; Advanced options then lists the Show or Don’t show the hidden extensions. Also, Control Panel – File Explorer options will take you to the same place.

  61. I think Windows Explorer is a very poor filemanager.
    There are lots of things I don’t like, some of which are worse than “don’t like” including….
    The explorer “page” seems cluttered and not divided cleanly into different areas of operation. Those areas which are separated are divided by thin blue lines which makes the separation even less clear sometimes. The top of the page in particular seems to have wishy-washy printing and cluttered commands which are not immediately obvious. Overall it makes me feel uncertain as to what I’m doing and more to the point, what explorer is doing, in an area dealing with the basic information on the PC which is files.
    Microsoft have loads of progs (apps) which have clear delineation between commands and files. Excel, Word etc etc etc. And there are quite a few non-Microsoft filemanagers about from which Microsoft could have taken their best points but they continue with something that looks like it got included accidentally from Windows 3.1 or even MSDOS.
    I say explorer makes me nervous, one of the things which flummox me is the fact that the “folders” listing unexpectedly jumps around without any prompting. A chosen folder will unexpectedly jump to the bottom of the page (or the top maybe) leaving me dismayed trying to find where I was a second ago.
    That largish transparent square which attaches to the cursor on moving or copying files is distracting and tends towards a lack of accuracy when pointing to a new folder.
    It got that way that I was relieved when I could come out of explorer and do other things.
    I have tried a few other filemanagers and the one that suits me happens to be the free version of Powerdesk (V6 I think).
    The trouble is I thus get less practised in using explorer BUT lots of apps default to opening explorer for various filemanaging tasks which re-introduces the nervous sinking feeling once again.
    Microsoft could do a LOT better than explorer in its present form and I wish they would.
    I am not nearly as informed as Leo, not by a long long way, but I have been using filemanagers since the dawn of personal computing in the 1980’s. I have even formed the opinion that Microsoft have not made explorer more user friendly to stop users fiddling with files.
    I hope that these opinions are not regarded as off topic for I would welcome any kind of feedback.

  62. I often create graphic files in CorelDRAW (cdr extension) then export to PDF, EPS, JPEG, PNG or some other file type… the file name remains the same, but the extension changes to reflect the type of file… when the proper extension is displayed, it is much simpler to locate & open & edit the intended file. One of my first tasks on a new computer is to change the WE default to show extensions. It save a lot of errors & brain damage.

  63. Is my Win10 File Explorer different from everyone else? It bears some resemblance to early versions, but lot of bells and whistles I don’t really want. No more Tools tab, only tabs shown at top are File, Home, Share, View. Under View, I must check File name extensions box to show extensions, not uncheck as shown above. I am now 80 and built my first pc’s in back in 70’s and can never understand how anyone would ever tolerate not seeing file name extensions. Hey, old dog learned a new trick here, opening file explorer with window key + E! Neat! Have to learn what else that windows key toy can do for me. Thanks Leo.

    • Microsoft has gone minimalist with File Explorer. Clicking on Home, Share or View menus would bring up the respective ribbons which give you access to their respective tools. If you want the ribbons always visible, right click to the right of View, and from the dropdown uncheck “Hide the ribbon”.

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.