- The Windows Recall database and snapshots will now be encrypted on the computer.
- You will also have to sign in every time you want to access your timeline.
- The Windows 11 Setup will include an option to enable or keep the controversial feature disabled.
In light of the increased number of complaints, Microsoft has listened and announced critical changes to fix the security and privacy concerns for the Windows Recall feature, which is expected to arrive with the release of Windows 11 24H2 for Copilot+ PCs.
Windows Recall is a new feature that records everything you do on your computer by taking screenshots every few seconds and then uses multiple on-device AI models to scan and understand the content and make the information available for search using natural language.
Although it could be a really helpful feature, shortly after the original announcement, it was discovered that Recall wasn't as secure as it was believed to be since the snapshots and database were easily accessible and stored in clear text that could make it easier for hackers to target this data to scrape your information. (I have created instructions detailing how to access your Windows Recall data on Windows 11.)
However, things are now changing. In short, the company will be adding several extra protection layers. For example, it will encrypt the Recall data on the computer, and Windows Hello authentication will be required to access the timeline. Also, you will have a new setting during the setup to enable or disable the feature even before getting to the desktop.
Windows Recall upcoming security changes
Right from the start, the Windows 11 Setup experience (or the Out-of-box Experience (OOBE)) will include a setting that clearly helps users choose to turn the Recall AI feature on or off.
Originally, Microsoft was planning to enable the controversial feature by default, but that's no longer the case.
Also, the controversial feature will now be tied to Windows Hello, which means that if you don't configure a PIN, face, or fingerprint as an authentication method, you won't be able to enable the Recall AI feature.
Once you turn on the feature, the system will require "proof of presence" to access the "Recall" app, meaning that you will have to authenticate using Windows Hello to access your timeline. So, if you leave your computer signed in and step away, no one can access your timeline.
However, the company doesn't specify whether the app will time out after a specific time of inactivity. If you leave the timeline open, other people may be able to access your information if you step away from the computer.
Microsoft has also taken a more aggressive approach to encrypting the data that Windows Recall collects to operate. First, the company is enabling the Windows Hello Enhanced Sign-in Security (ESS) to add the "just in time" decryption capability so that the Recall snapshots are encrypted on the device and will only be decrypted when you sign in to your computer using Windows Hello.
Furthermore, and perhaps more importantly, the Windows Semantic Index, the database that holds the information Recall collects from your activities, will now be encrypted.
These new changes are in addition to the previously announced security precautions, which include Secured-core PCs offering advanced firmware safeguards and dynamic root-of-trust measurement to help protect from chip to cloud, the Microsoft Pluton security processor to protect credentials, identities, personal data, and encryption keys, and the Windows Hello Enhanced Sign-in Security (ESS) implementation to offer biometric sign-in to access the feature.
Microsoft also emphasizes that the screenshots and any data the feature collects will stay on your computer and won't be uploaded to the cloud, nor will any information be used to train its AI models.
Also, the feature has been designed so that if it's enabled, the Recall icon will appear in the System Tray of the Taskbar, which you can move or remove while the feature is turned on.
If you use Google Chrome, Microsoft Edge, or another Chromium-based browser, the controversial timeline feature captures your activities while using InPrivate or Incognito mode. Also, the feature won't screenshot content with digital rights.
You can also pause, resume, or disable the Windows Recall feature anytime. Or you can configure the settings to exclude apps and websites you don't want the feature to track.
Furthermore, at any time, you can delete one or every snapshot that the feature has taken from the "Recall & snapshots" settings page.
The company says it's taking action even before the Windows Recall feature becomes available on June 18, 2024. It's important to note that the feature will be exclusive to Copilot+ PCs, meaning that computers currently compatible with Windows 11 won't be able to run this feature.
Do you think that these changes are enough for you to trust the Recall feature on Windows 11? Let me know in the comments.