Microsoft addresses Windows Recall backlash, promises to fix security issues and make it opt-in

 Windows Recall icon.
Windows Recall icon.

What  you  need to  know

  • Microsoft announced it’s shipping next-gen AI features, including Windows Recall, Live Captions, and more, to Windows 11 via its 24H2 release.

  • Windows Recall has been received with a cocktail of emotions, with most users airing privacy and security concerns.

  • Following these developments, Microsoft has implemented new measures to prevent security loopholes, including adding Windows Hello as an extra security layer when enabling Windows Recall.

Today, Microsoft announced it is addressing a recent backlash around Windows Recall, its controversial forthcoming AI-powered search service that works by taking a snapshot of your PC every 5 seconds.

Recently, it was discovered that the feature stores data unencrypted on the device. The company says it will ensure Windows Recall data is safe by employing "just-in-time" protection, which ensures the data is only decrypted when the user authenticates into the app with Windows Hello.

Read more: What is Windows Recall? Everything you need to know about Windows 11's new AI feature

Additionally, Microsoft says it will make Windows Recall an opt-in experience, meaning it won't be enabled by default on Copilot+ PCs. Users will be prompted to enable or disable it during Windows Setup, and if they choose not to enable It, the feature will not function.

Microsoft also says it's making further security improvements to Windows Recall. It will now require Windows Hello (via facial recognition and/or fingerprint) to be set up on the system and require the user to be present in front of the screen to access Recall data. If the user is not at their computer, Recall data will not be accessible.

Here are the changes Microsoft is making to Windows Recall:

  • First, we are updating the set-up experience of Copilot+ PCs to give people a clearer choice to opt-in to saving snapshots using Recall. If you don’t proactively choose to turn it on, it will be off by default.

  • Second, Windows Hello enrollment is required to enable Recall. In addition, proof of presence is also required to view your timeline and search in Recall.

  • Third, we are adding additional layers of data protection including “just in time” decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates. In addition, we encrypted the search index database.

The Windows Experience Blog has more information about Microsoft's changes and explanations for them. Windows Central recently posted a how-to guide on disabling Windows Recall.