Hacker News
by hiisukun 742 days ago
Just for example: It could be stored encrypted with the user's credentials. So when you want to browse "Recall" it might pop up requesting a fingerprint, password, token, etc.

Then it decrypts, presents to the user, and closes the handles when you're done. In this way, the "key" isn't present -- the user has it!

That's quite a different security situation to it just sitting around in plaintext on disk. Certainly there are a number of Windows and macOS features sitting behind authentication already, from a UX perspective.

1 comments

I don't think users would go for that UX, so if you're committed to building this feature, I don't think you can go that route without basically accepting that no one will use it. I suspect MS wants this to be a lot more casual than the other features behind authentication now. (Like I told akkartik, I'm open to the argument that there's no way to implement it securely and with an acceptably easy UX, but I don't see people actually making that argument.) Maybe they'll prove me wrong by doing something like that, though.