Microsoft says it’s making its new Recall feature in Windows 11 that screenshots everything you do on your PC an opt-in feature and addressing various security concerns. The software giant first unveiled the Recall feature as part of its upcoming Copilot Plus PCs last month, but since then, privacy advocates and security experts have been warning that Recall could be a “disaster” for cybersecurity without changes.

Thankfully, Microsoft has listened to the complaints and is making a number of changes before Copilot Plus PCs launch on June 18th. Microsoft had originally planned to turn Recall on by default, but the company now says it will offer the ability to disable the controversial AI-powered feature during the setup process of new Copilot Plus PCs. “If you don’t proactively choose to turn it on, it will be off by default,” says Windows chief Pavan Davuluri.

Microsoft will also require Windows Hello to enable Recall, so you’ll either authenticate with your face, fingerprint, or using a PIN. “In addition, proof of presence is also required to view your timeline and search in Recall,” says Davuluri, so someone won’t be able to start searching through your timeline without authenticating first.

This authentication will also apply to the data protection around the snapshots that Recall creates. “We are adding additional layers of data protection including ‘just in time’ decryption protected by Windows Hello Enhanced Sign-in Security (ESS) so Recall snapshots will only be decrypted and accessible when the user authenticates,” explains Davuluri. “In addition, we encrypted the search index database.”

Recall uses local AI models to screenshot mostly everything you see or do on your computer and then give you the ability to search and retrieve anything in seconds. An explorable timeline lets you scroll through these snapshots with ease to look back on what you did on a particular day on your PC. Everything in Recall is designed to remain local and private on-device, so no data is used to train Microsoft’s AI models.

Microsoft’s changes to the way the database is stored and accessed come after cybersecurity expert Kevin Beaumont discovered that Microsoft’s AI-powered feature currently stores data in a database in plain text. That could have made it easy for malware authors to create tools that extract the database and its contents. Several tools have appeared in recent days, promising to exfiltrate Recall data.

TotalRecall extracts the Recall database so you can easily view what text is stored and the screenshots that Microsoft’s feature has generated. NetExec appears to be getting its own Recall module soon that can access Recall folders and dump them so you can view the screenshots easily. These tools are all possible because there’s no full encryption or protection on the Recall database.

Microsoft developed the Recall feature under its new Secure Future Initiative (SFI) that the company has put in place to overhaul its software security after major Azure cloud attacks. Microsoft has had a rough few years of cybersecurity incidents, and the SFI is supposed to focus on security above all else.

Microsoft CEO Satya Nadella even called on employees to make security Microsoft’s “top priority” recently, even if that means prioritizing it over new features. “If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security,” said Nadella (emphasis his) in an internal memo obtained by The Verge. “In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems.”