When Microsoft unveiled its “photographic memory” Recall feature for Copilot+ PCs a year ago, it quickly drew the attention of cybersecurity experts, who raised concerns about its potential privacy risks. In response to these alarms, Microsoft chose to delay the feature’s launch for further refinement. The revamped Recall made its debut in Windows Insider Preview builds in April 2025, followed by a broader rollout in May for compatible devices. While the core functionality remains unchanged—continuously capturing screenshots and utilizing optical character recognition (OCR) to analyze content—the latest update has introduced significant enhancements to data security.
What’s new in Recall’s second coming
Since its initial announcement, Microsoft has taken steps to address key criticisms from cybersecurity professionals. The updated Recall now requires user permission to activate during the initial system setup, eliminating any manipulative visual prompts that could pressure users into consent.
Additionally, Recall’s database files are now encrypted, with cryptographic operations and key storage managed by the hardware-based Trusted Platform Module (TPM), making unauthorized extraction considerably more challenging. A new filter attempts to prevent screenshots or text from being saved when sensitive information is on screen, such as in private browser windows or payment forms. However, this filter is not foolproof: testers have reported instances where confidential data still made its way into the OCR database.
Ars Technica has highlighted several other positive changes:
- Recall is enabled on a per-user basis, rather than universally across all accounts.
- The feature can be completely uninstalled if desired.
- A Microsoft account is not a prerequisite for use.
- All data processing occurs locally, eliminating the need for an internet connection.
- To launch Recall initially, users must enable BitLocker disk encryption and Windows Hello biometric authentication.
- Windows Hello authentication is required for every Recall search thereafter.
Why Recall still poses risks
Despite Microsoft’s efforts to address concerns, the current iteration of Recall still presents several weaknesses. Biometric authentication is mandatory only during the initial setup; subsequent launches can be unlocked with a regular Windows PIN, which can be guessed or observed by others. One reviewer recounted how a friend guessed a simple PIN in mere minutes while searching for a specific screenshot.
Moreover, Recall can be reactivated without biometric verification. If a user disables the feature, anyone who knows the PIN can easily re-enable it, allowing for the capture and search of screenshots once again. The reliability of the automatic filtering for sensitive data also remains questionable. While Recall is designed to avoid capturing screenshots in high-risk scenarios, such as private browsing modes or during remote desktop sessions, it often fails to recognize these contexts, particularly with less common browsers or remote access tools.
Perhaps most concerning is Recall’s ability to log interactions with other users, which raises significant privacy issues. For instance, if a user is in a Zoom or Teams call with transcription enabled, Recall will save a complete recording of the conversation. It also captures self-destructing messages from apps like WhatsApp or Signal, disregarding their privacy policies. This poses risks in two critical scenarios: when someone with knowledge of the PIN gains unauthorized physical access to the computer, and when an attacker exploits Windows vulnerabilities to gain remote access.
Impact on performance and battery life
Originally designed for high-performance PCs equipped with dedicated AI computing chips, Recall can still impact user experience, even on powerful machines. This is particularly evident during gaming sessions, where Recall’s continuous screenshot capture and dialogue recording can consume substantial memory and processing resources, placing a heavy load on the NPU. Even when the device is unplugged, Recall’s operations can drain the battery more quickly than usual.
Who should disable or remove Recall?
Microsoft now offers users a choice: enable Recall, ignore it, or completely remove it from their systems. This approach marks a departure from previous efforts to push features like Edge or Cortana. Users should consider disabling Recall if they fall into any of the following categories:
- Professionals handling trade secrets or sensitive personal data, such as lawyers or doctors.
- Frequent users of video conferencing or remote tech support services.
- Individuals engaged in private correspondence, especially using secure messaging apps.
- Those living or working with individuals who may be overly curious about their digital activities.
For these users, it may be prudent to avoid Recall altogether or remove it entirely.
How to disable or remove Recall
To disable Recall:
- Open Settings from the Windows Start menu and select Privacy & security.
- Locate the Recall & snapshots subsection within Privacy & security.
- Toggle off Save snapshots and click Delete snapshots to erase any previously collected data.
To remove Recall completely:
- In the Windows Start menu search bar, type Turn Windows features on or off.
- In the window that appears, find the Recall entry.
- Uncheck the box next to it and click OK.
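The same two steps, scripted for an administrator who wants to audit and enforce the state on several machines rather than clicking through Settings. This is an added example, not code from the article or from Microsoft; it assumes the optional-feature name is Recall (matching the entry under Turn Windows features on or off) and that the DisableAIDataAnalysis policy value under HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsAI is the Group Policy equivalent of turning off Save snapshots. Check both against Microsoft's current documentation before deploying.

```powershell
# Added example (not from the article): audit, disable and optionally remove Recall.
# Run in an elevated (Administrator) PowerShell on a Copilot+ PC.
# Assumptions: feature name "Recall" and the DisableAIDataAnalysis policy value;
# verify against Microsoft documentation for your Windows build.

param(
    [switch]$Remove   # also uninstall the optional feature, not just stop snapshots
)

$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsAI'

function Get-RecallState {
    # Reports whether the feature is installed and whether snapshots are policy-disabled.
    $feature = Get-WindowsOptionalFeature -Online -FeatureName 'Recall' -ErrorAction SilentlyContinue
    $policy  = Get-ItemProperty -Path $policyKey -Name 'DisableAIDataAnalysis' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        FeatureState      = if ($feature) { $feature.State } else { 'NotPresent' }
        SnapshotsDisabled = [bool]($policy -and $policy.DisableAIDataAnalysis -eq 1)
    }
}

Write-Host 'Before:'; Get-RecallState | Format-List

# 1. Turn off snapshot saving at machine-policy level. The Settings toggle can be
#    flipped back by anyone who knows the PIN (the risk the article describes);
#    changing a machine policy requires administrative rights.
if (-not (Test-Path $policyKey)) { New-Item -Path $policyKey -Force | Out-Null }
New-ItemProperty -Path $policyKey -Name 'DisableAIDataAnalysis' `
    -PropertyType DWord -Value 1 -Force | Out-Null

# 2. Optionally uninstall the feature, the equivalent of unchecking Recall under
#    "Turn Windows features on or off". Windows may require a restart afterwards.
if ($Remove) {
    $f = Get-WindowsOptionalFeature -Online -FeatureName 'Recall' -ErrorAction SilentlyContinue
    if ($f -and $f.State -ne 'Disabled') {
        Disable-WindowsOptionalFeature -Online -FeatureName 'Recall' -NoRestart | Out-Null
    }
}

Write-Host 'After:'; Get-RecallState | Format-List
```

Previously collected snapshots are not deleted by either step; use Delete snapshots in Settings as described above.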
How to configure Recall if you decide to try it anyway
If you choose to use Recall and do not belong to the aforementioned categories, consider implementing the following precautions:
- Disable less secure sign-in methods, opting for strong passwords and biometric authentication.
- Manually add messengers used for confidential communication, password managers, and finance apps to Recall’s exclusion list.
- Set a minimal screenshot retention period, choosing between 30 to 180 days.
- Regularly check Recall for recently captured apps and sites to identify and delete any sensitive information.
Regardless of your Recall settings, remain vigilant against common data leak scenarios, such as malware attacks or phishing attempts. Utilizing a comprehensive cybersecurity solution is essential for safeguarding your information.