Microsoft finally released an update on its controversial Recall AI feature that was put on hold earlier this year due to security concerns.
Microsoft Recall had a bumpy road from the start. It faced backlash over security concerns before it was even released due to the nature of what the feature does. Recall uses AI to track everything you do on your Windows 11 device so Copilot can "remember" activity or items if you ask about them (e.g., "Where did I store that email draft I was writing the other day?").
The idea of an AI watching everything you do on your device could be off-putting all on its own, but the situation got worse for Microsoft when users realized that all that activity data from Recall was being stored as plain text files, making it extremely vulnerable to hacking and data theft.
This prompted Microsoft to change Recall to an opt-in feature (rather than something that was activated by default) on Copilot+ PCs. Microsoft also pushed back Recall's broad release to October, meaning we're now just days away from finally having access to it.
Now, after months of reworking the feature, Microsoft is bringing Recall back to Copilot+ PCs, which raises the question: Is Recall safe to use now?
Windows Recall for Copilot+ PCs
On September 27, Microsoft finally released an update on Recall outlining some extensive security changes. The feature is slated to launch sometime in October, so this is our first look at what Microsoft has been up to since Recall's turbulent start this summer.
It looks like Microsoft took users' security concerns to heart. Recall will now be an opt-in-only feature, meaning Microsoft will not have Recall running by default on Copilot+ PCs. You will have to manually turn it on if you want to use it. Users will also have the option to completely remove Recall from their devices, going a step further than simply leaving it turned off.
Microsoft revised the way data from Recall is stored, which was a huge point of contention originally. Storing so much personal data as plain text files was clearly not acceptable, so this change was a must-have for Recall to have any chance of being secure. Now sensitive data and screenshots from Recall are encrypted.
Basically, data from Microsoft Recall will now be stored in an isolated, locked section of memory on your device. Think of it like a deserted island you can only access if you have a map and a password. Recall data isn't going to be freely accessible like Word documents, photos, or other everyday files on your device.
A flow chart explaining the security architecture of Microsoft Recall as of September 2024
The new and improved version of Recall also includes measures to prevent unauthorized access to users' data. You will need to use Windows Hello sign-in for "Recall-related operations," such as changing your Recall settings. Microsoft is also using rate-limiting and anti-hammering to prevent malware from accessing Recall data.
Additionally, Recall now has more privacy-focused features and settings. For example, if you're using private browsing, Recall will automatically not save any snapshots. You can also manually block specific websites and apps from Recall, control how long Recall data is saved for, and delete unwanted Recall data. Finally, Recall now has automatic sensitive content filtering, which will help block sensitive data like passwords from being stored in snapshots.
According to Microsoft's blog post, "Snapshots and associated data are stored locally on the device. Recall does not share snapshots or associated data with Microsoft or third parties, nor is it shared between different Windows users on the same device. Windows will ask for your permission before saving snapshots."
Microsoft made some extensive changes to Recall and it looks like there was a good faith effort to address users' security concerns. Does that really mean you should use Recall now, though?
If you're unfamiliar with cybersecurity terminology or how data is stored on laptops, all the info in Microsoft's blog post might be a bit hard to digest. The first main takeaway is that Recall will not run or record snapshots without users manually turning it on. So, you don't need to worry about the feature running without your knowledge, and if you want to, you can even completely delete it from your device.
If Recall sounds like it might be useful to you, it's definitely safer to use now than it was before, although that's not saying a whole lot.
That being said, considering all the new layers of security and additional privacy filters and settings, Recall is generally safer to use now than it was when it originally launched as a preview feature in June. If you're going to use it, it's a good idea to leave snapshot notifications turned on and set Recall to ignore any sensitive websites and apps. It's also a good idea to periodically clear your Recall data so you're not keeping a massive history of your activity stored on your device.