We like to install Windows 11 on a Virtual Machine (VM). After booting from the…
Secure wipe hard drive and solid state drive in Windows
How to securely wipe a hard drive? We mean complete erasing the disk and that no software can retrieve any data from the disk. Formatting a disk from the Windows menu doesn’t mean that the disk is securely erased. Likewise, deleting a file to the Recycle Bin and emptying the Bin doesn’t mean it’s secure erased. Yes, it does look like it’s formatted when you format the disk in Windows, but there is plenty of software that can retrieve data. In this article, you will learn how to erase a file and unused disk space and that no software can retrieve the deleted data from the disk.
Table of contents
Introduction
Many organizations let their employees or students use the laptop for private use. For example, let’s say you add some important personal bank transactions or personal vacation pictures. When you bring back the computer, the IT desk will format the laptop and reinstall Windows. After that, they place the laptop on a shelf with other laptops.
When a new colleague or student needs a laptop, they hand out the laptops on the shelf (the ones that are formatted). The new user can run software and retrieve a lot of data. That’s data that you didn’t want anyone else to see but yourself.
Important: Reinstalling Windows on the computer and handing out the device is not the way to go. Instead, companies should securely erase disks and install Windows on them. Afterward, they are good to hand out or add them back to the used computers shelf for future use.
This is the same case for home users. If you sell your laptop or computer, you should not think that you are simply done when you delete the files or reinstall Windows. Also, if you only want to sell the disk and remove the files on it or format the disk and think you achieved success, that’s a big mistake.
Eraser free software
There is plenty of software on the market that can securely wipe a hard drive, solid-state drive, and USB flash drive in Windows. There is paid and free software available. But, the one that we always use and specifically will discuss is the software Eraser.
Eraser is an open-source secure erasure tool available for the Windows operating system. It supports both file and volume wiping. Eraser securely erases data by overwriting it such that the data is irrecoverable.
Download Eraser software and install the Eraser tool on the computer.
Supported data sanitization methods
The Eraser software supports a variety of data destruction standards:
| Method Name | Number of Passes | Description |
|---|---|---|
| British HMG IS5 (Baseline) | 1 | Your data is overwritten with zeroes. |
| British HMG IS5 (Enhanced) | 3 | British HMG IS5 (Enhanced) is a three pass overwriting algorithm: first pass – with zeroes, second pass – with ones and the last pass with random data. |
| Canadian RCMP TSSIT OPS-II | 7 | RCMP TSSIT OPS-II is a seven pass overwriting algorithm with three alternating patterns of zeroes and ones and the last pass – with a random byte. |
| First/last 16KB Erasure | File Erasure Only | A fast and simple method for making files hard to find/recover. It will leave data on the disk if the file size is greater than 32KB. |
| German VSITR | 7 | The German standard calls for data to be overwritten with three alternating patterns of zeroes and ones and in the last pass with random data. |
| Pseudorandom data | 1 | The fastest wiping scheme. Your data is overwritten with random data (if you use a CSPRNG the data is indistinguishable from random noise). |
| Russian GOST P50739-95 | 2 | GOST P50739-95 wiping scheme calls for a single pass of zeroes followed by a single pass of random data. |
| Schneier’s Algorithm | 7 | The Bruce Schneier algorithm has seven passes: first pass – with ones, the second pass – with zeroes and then five times with random data. |
| US Air Force 5020 | 3 | US Air Force 5020 is a three pass overwriting algorithm with the first pass being that of a random byte, followed by two passes of complement data (shifted 8 and 16 bits right respectively). |
| US Army AR380-19 | 3 | AR380-19 is data wiping scheme specified and published by the U.S. Army. AR380-19 is three pass overwriting algorithm: first pass – with random data, second with a random byte and the third pass with the complement of the 2nd pass. |
| US Department of Defense DoD 5220.22-M (E) | 3 | DoD 5220.22-M (E) is a three pass overwriting algorithm: first pass – with zeroes, second pass – with ones and the last pass – with random data. |
| US Department of Defense DoD 5220.22-M(ECE) | 7 | DoD 5220.22-M(ECE) is seven pass overwriting algorithm: first, fourth and fifth pass with a random byte, its 8 right-bit shift complement and 16 right-bit shift complement; second and sixth passes with zeroes, and third and seventh pass with random data. |
A look at how the Eraser software settings looks like and where you can change the settings.
Supported Windows Operating Systems
The Eraser software works on the Windows Operating Systems:
- Windows XP (with Service Pack 3)
- Windows Server 2003 (with Service Pack 2)
- Windows Vista
- Windows Server 2008
- Windows 7,8,10,11
- Windows Server 2012, 2016, 2019, 2022
Supported drives
The Eraser software works with every drive that Windows supports:
- HDD (Hard Disk Drive)
- SSD (Solid State Drive)
- USB flash drive
Secure wipe folders and files in Windows
To secure erase folders and files in Windows, follow the below steps:
- Start File Explorer
- Go to the folder or file
- Right-click the folder or file (you can select more than one file or folder)
- Click in the context menu on Eraser
- Select Erase
Secure wipe Recycle Bin
To secure delete the Recycle Bin in Windows, follow these steps:
- Go to the desktop
- Right-click on the Recycle Bin
- Click in the context menu on Eraser
- Select Erase
Secure wipe drive without deleting Windows
If you have Windows installed on the drive and you want to secure erase the unused space, follow these steps:
- Start File Explorer
- Right-click the Windows drive
- Click in the context menu on Eraser
- Select Erase Unused Space
The Eraser tool will generate a unique folder on the C: drive.
Open the folder, and you will see that Eraser software creates unique files.
The Eraser software shows the task status, and it will log everything that the software is doing.
Finally, the disk will start to get full.
The disk is full of files created by the Eraser software.
The Eraser software will start to delete the generated files, and freeing up the disk.
Secure wipe external drive in Windows
To secure erase external drives, follow the below steps:
- Attach the external drive (HDD/SSD/USB flash drive)
- Start File Explorer
- Right-click the External drive
- Follow the same steps as the steps above
Secure wipe drive without a computer
There is one option if you don’t have a computer and want to wipe a hard drive (HDD), solid-state drive (SSD), or USB flash drive. That’s, of course, not using software on your computer because you don’t have a computer available. Instead, that’s to drill in the hard drive with a drill machine, which will ensure that all the data is not retrievable. Also, there are drives that you can bend and break with your bare hands because they are not that strong.
Conclusion
You learned how to securely wipe drives in Windows. This can be a hard drive, solid-state drive, or USB flash drive. Every organization should have data sanitization software installed on the systems so that users can secure erase a single file instead. Removing a file does not mean it’s securely deleted from the system. It’s also essential to inform the employees, friends, and family members about how this works. Stay secure!
Did you enjoy this article? You may also like Check free disk space on Windows with PowerShell script. Don’t forget to follow us and share this article.
What Others Are Reading
This Post Has 0 Comments