Microsoft revamps controversial Recall feature to address security concerns

Windows Hello authentication will be required to enable Recall feature
An undated image of the Recall feature. — Microsoft blog
An undated image of the Recall feature. — Microsoft blog

Microsoft has made significant changes to its latest Recall feature — a tool that stores screenshots of almost everything a user does on a PC. This feature earlier became controversial over its security and privacy concerns among users.

While the feature was designed to remain local and private on the device, security experts expressed concerns about its potential impact on cybersecurity. In response to these concerns, the software giant has made Recall an opt-in feature, this means that the user have to must turn it on during the setup process for new Copilot Plus PCs.

Additionally, Windows Hello authentication will be required to enable Recall, and proof of presence will be required to view the Timeline and search in Recall. Microsoft has also added additional layers of data protection through Windows Hello Enhanced Sign-in Security (ESS) such as authentication with face, fingerprint, or using a PIN.

Read more: Google's NotebookLM goes global with multilingual support

Cybersecurity specialist Kevin Beaumont's discovered that the modifications that the AI-powered function from Microsoft was presently storing plain text in the database, left it open to malware attacks. Within the framework of its new Secure Future Initiative (SFI), which prioritises security, the corporation developed the Recall feature.

Although the company has had a few years of cybersecurity incidents, it seems to be taking a step in the right direction with Recall. In a statement, Windows head Pawan Davaluri said: "We're adding additional layers of data protection, including 'just-in-time' decryption protected by Windows Hello Enhanced Sign-in Security (ESS), so the Recall snapshots will be decrypted and accessible only when the user authenticates." He also emphasised that Microsoft is committed to putting privacy, safety, and security first.