Drawer full of Seagate and Western Digital hard drives.
The most reliable way to securely wipe a traditional hard disk drive (HDD) is to perform a single-pass overwrite, which writes a pattern of zeros over the entire drive. That’s sufficient to make the original data unrecoverable by even the most advanced forensic laboratories.
For an internal solid-state drive (SSD), a different process using the built-in ATA Secure Erase command accomplishes the same thing.
Simply deleting files or performing a standard format will not destroy your data securely. Below, we’ll explain the correct methods for both HDDs and SSDs, and clarify common misconceptions about multi-pass government standards.
Why “Deleting” Files Won’t Prevent Data Recovery
When you delete a file or format a hard disk drive, your operating system doesn’t actually erase the data. Instead, it simply removes the file’s address from the master index.
The actual binary data — the ones and zeros, represented as magnetic charges — remain on the drive, marked as space that is now available to be overwritten. That’s practically necessary to keep hard drives functioning smoothly.
But until new data is written to that specific physical location, the original file is easily recoverable with basic software. A secure wipe, or sanitization, ensures that the original data is overwritten, sector by sector, making recovery impossible.
SSDs operate differently, and deleting a file will usually render it unrecoverable after the TRIM command executes. Learn why deleting data on an SSD will usually delete it for good.
The Best Method for Wiping Hard Disk Drives (HDDs)
A traditional hard drive stores data on spinning magnetic platters. A secure wipe works by changing the magnetic state of every single bit on these platters.
Contrary to common belief, you do not need to perform multiple wipes, though this is a good practice for especially sensitive data.
The idea of multi-pass sanitization became popular because on old, low-density hard drives, there’s a theoretical possibility of detecting residual magnetic traces after a single wipe. This was only theoretical — and on any modern hard drive, the data density is so high that a single overwrite completely and permanently destroys the original data.
From our experience in the lab, we can confirm that no data recovery process can retrieve information from a drive that has undergone a complete, single-pass overwrite. With that said, some data is so sensitive that even a fragment of the original data could create a concern — this is where NIST standards come into play, and data sanitization services (including our secure data deletion services) should always follow NIST guidelines as a best practice.
For a standard consumer hard drive, though, a single pass is fine. Here are some tools that can perform this process:
- DBAN (Darik’s Boot and Nuke): A long-standing, free, and very effective tool for wiping HDDs. You create a bootable CD or USB stick with DBAN, and it runs independently of your operating system to wipe the targeted drive.
- Built-in Operating System Tools: Both Windows and macOS have utilities that can perform a single-pass zero-out format, though they can sometimes be harder to find and use on a primary boot drive. On Windows, you’ll need to use the diskpart utility in the command prompt; this Reddit thread details the process. On Mac OS, Disk Utility’s Security Options provides a secure erase feature; once again, there’s a Reddit thread for that.
Note: The process of overwriting a drive can take several hours, depending on the drive’s size and speed. It also puts the drive through quite a bit of stress, so if the drive’s near failure, you might prompt a head crash or other mechanical issue.
At scale, the best way to destroy data from a set of hard drives is to use hardware designed for the purpose. Our laboratories use degaussers, which use powerful magnets to destroy each drive’s data in a fraction of the time as commercial data sanitization utilities. Learn about secure data destruction services from Datarecovery.com.
The Correct Method for Wiping Solid-State Drives (SSDs)
You should not use a standard overwrite tool like DBAN on an SSD — it’s unnecessary, and if you want to reuse the SSD, multi-pass overwrites will cause unnecessary wear on the drive’s flash memory cells.
SSDs use features called wear-leveling and over-provisioning. The drive’s controller constantly shuffles data around to distribute writes evenly and keeps a reserve of extra, inaccessible memory blocks to swap in as old blocks wear out.
Because of this, an overwrite command sent by the OS may not reach every physical location where your data is stored; copies of it could still exist in the over-provisioned space.
The best way to wipe an SSD is to use the ATA Secure Erase command. This is a command built into the firmware of nearly all modern SSDs. When executed, it instructs the drive’s own controller to apply a voltage spike to every NAND cell, instantly resetting all stored data — including data in the over-provisioned areas — to an empty state.
The easiest way to issue this command is with the manufacturer’s own software utility. We don’t endorse specific products, but these are popular examples from major manufacturers.
Realistically, though, you can also just perform a standard full format of an SSD if you’re reselling it — but if you’re concerned about data security, the secure erase command is, well, secure.
A Note on NIST Standards
The NIST 800-88 “Guidelines for Media Sanitization” is the U.S. government’s standard for data destruction. It is a comprehensive document that outlines different methods for different situations, including “Clear,” “Purge,” and “Destroy.”
For most users, a single-pass overwrite (for HDDs) or a Secure Erase (for SSDs) accomplishes the “Clear” standard, which protects against all known software-based recovery techniques. The more intensive “Purge” methods, which sometimes involve multiple passes, are intended for high-security environments where data is so sensitive that it must be protected against theoretical, lab-based attacks that are not considered a realistic threat for modern media.
For the purpose of selling or recycling your personal or business computer, a single-pass format or Secure Erase is perfectly sufficient.
Our deep understanding of how data is stored, read, and recovered informs our advice on how to securely destroy it. If you’re dealing with a failed drive that contains sensitive data but cannot be accessed to be wiped, our services can help. We can securely recover the data so it can be moved to a new device before the old one is physically destroyed. We provide a risk-free evaluation for every case, backed by our “no data, no charge” guarantee.
If you need to recover data from a damaged drive before it’s decommissioned, contact our experts at 1-800-237-4200 or submit a case online.
