Tom's Hardware is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Here’s why you can trust us.

By Avram Piltch published 22 August 22

If you're selling your PC or storage drive, you need to wipe it.

If you're planning to sell / gift your old PC or just the drive inside, you need to securely erase your SSD or hard drive so that the next person can't gain access to your files. It almost goes without saying at this point, but simply deleting a file doesn't make it completely disappear. The operating system simply removes a pointer to the file, leaving all the bits in place, until the drive needs that space for new data and overwrites it. But that could take years or, if you have lots of free space, never happen.

You might think that simply resetting Windows 10 or 11 with the option to delete your files enabled would get rid of all your personal data, but that simply is not the case and we've done a test to prove it.  I was getting ready to donate my old Windows 10 PC so I used the built-in Windows reset feature and I clicked "Remove everything," which deletes all of your files and leaves you with a factory default install of the OS. 

After the reset process completed, my personal files were indeed erased as was all the software I had installed. However, after I installed and ran EaseUS Data Recovery Wizard Free (opens in new tab) , a utility that finds and undeletes files, I located all my old files. To prove my point, I recovered a file called mypasswords2.txt that had lived in the Documents folder and I was able to read everything inside of it. 

No matter how nice a person you sell your computer or your bare drive to, you can't trust that they won't see what deleted files they can recover. Below we'll explain how to securely erase an SSD using Windows and then explain how to do the same to a hard drive as the process is a bit different.

Securely erasing an SSD is different than doing the same process on a mechanical hard drive. The best way to erase an HDD, which we'll cover in more detail below, is to use a program that writes random data over all the sectors several times so that no remnants of the old files remain. 

This brute-force overwrite method won't work as well for SSDs. Hard drives need multiple overwrites because magnetic media can leave remnants of data, but all SSDs have a limited number of write cycles so overwriting them multiple times is overkill. 

SSDs also use overprovisioning to extend the life of the drive and replace any blocks that fail over time. So there might be 5 or 10 percent of blocks that are unavailable to the OS at any given time. A full drive overwrite wouldn't touch these blocks, which could have data in them. However, since the over provisioned blocks are out of circulation, they won't be used (or visible to software) again until they've already been overwritten. Therefore, it's unlikely someone would be able to get to those blocks using consumer-grade recovery software (a government agency might be able to, however). 

What you need is a utility that can quickly get at all the visible data. Some SSD makers provide secure erase utilities for free and some motherboard BIOSes have "secure erase" capability built in. These tools effectively reset your SSD to a factory state, with even the OP blocks wiped. But your particular drive or motherboard may not have these options available.  A paid utility called Parted Magic can do secure wipes for you, but if you don't want to spend money, Windows 10 and 11 have a tool called diskpart which does a good job for free.

If your SSD is the boot drive in the PC you are wiping, the easiest way to securely erase it is through your motherboard's UEFI BIOS. On each brand of motherboard, the secure erase feature may have a different name and a different location in the menu structure.

1. Enter your motherboard's UEFI BIOS. See our article on how to enter your BIOS if you haven't done this before.

2. Look for a secure erase option under a tools or storage menu. If you can't find one, consult the user manual. On our Asus ROG motherboard, the option was under Tool->Asus Secure Erase. 

3. Select your drive, choose options and confirm. In our case, the software also asked 

Depending on the make and model of your SSD, the manufacturer (ex: Samsung) may have a free utility that will allow you to perform an official "secure erase," resetting the blocks. Note that if the drive you are wiping is the boot drive in the PC you are using to clear it, you will need a utility that can create a bootable USB erasure tool. 

The method and capabilities vary for each manufacturer's software. For example, we had a Kingston Rage Fury M.2 NVMe SSD but found that Kingston's software would only secure erase the company's SATA drives. 

Here's some quick links to manufacturers' software you can try.  We haven't tested to see if all of these have secure erase features that work with all of their drives.

Parted Magic is the best universal secure erase utility around. If you don't have a free manufacturer's utility or a motherboard with a secure erase function in the BIOS, Parted Magic, a bootable Linux environment with secure erase utilities built-in, will do it for you. 

However, the utility starts at $15 (opens in new tab) and does not have a free trial period. If you are planning to wipe disks on a regular basis or you want to make sure the OP area is wiped, we definitely recommend Parted Magic, but otherwise, you should consider a free method like using Windows Diskpart, which we describe below.

To use Parted Magic: 

1. Buy Parted Magic and Download its ISO file. You will use this to create a bootable live disk.

2. Create a bootable USB flash drive. We recommend using Rufus (opens in new tab) , a free USB Flash drive utility, to do the writing. 

3. Boot your PC from the Parted Magic USB drive.

4. Hit Enter to select Default settings (option 1) when prompted for a boot method. 

A Linux desktop environment will appear with several icons on the desktop for you to click.

5. Launch the Erase Disk app. 

6. Select "NVMe Secure Erase" if you have an NVMe SSD or "Secure Erase ATA Devices" if yours is a SATA drive.

A list of available disks will appear. The disk(s) you want to erase may be listed as "Frozen" which means that they can't be selected at the moment.

7. Click the Sleep button if the drive is listed as Frozen. The screen should flicker off for a few seconds and then come back on with the drive now available to be selected. 

8. Select the drive(s) you want to erase and click Continue.

9. Check "I allow this utility . . ." and click Start Erase. 

The system will now take a few minutes to erase your drive and show you a progress bar. It took me two minutes to erase a 1TB SATA SSD. 

When Parted Magic is done with the secure erase, it will show you a box saying that the process was successful and offering you the opportunity to view logs. 

You can shut down Parted Magic (or reboot the computer) as your drive has been securely erased.

But what if you don't want to pay $15 for Parted Magic and don't have a motherboard or manufacturer software that will securely erase your SSD? A cheap and universal way is to use Windows 10 or 11's built-in diskpart utility at the command prompt. 

You can even use this method if the SSD you plan to wipe is the computer's boot drive. The caveat with diskpart is that this method does not blank the overprovisioned blocks of the OS, but it does erase the disk map which references them. The method is effective enough that DriveSavers, a professional data recovery service, said that it should "do the trick," but noted that they have not validated it with every hardware combo. Here's how to use it.

1. If the drive you are wiping is the computer's boot drive, start the computer from a Windows 10 or 11 install disk (see how to do a clean install for instructions on creating the disk). If the disk you are wiping is not the boot disk, you don't need to boot from an install disk and can perform this wipe from within Windows.

2. Launch the command prompt. If you booted off a Windows install disk, hit Shift + F10 to get the command prompt on top of the installer. If you are using your regular install of Windows, just search for "cmd," right click the top result and select "Run as administrator."

3. Enter diskpart. The prompt will now read as DISKPART>.

4. Enter list disk to see a list of all the disks attached to your PC and their numbers. If you have only one drive, it will be Disk 0.

5. Enter select disk [NUM] where [NUM] is the disk number, likely 0. So if it's disk 0, type select disk 0.

6. Enter clean all. After several seconds or perhaps a few minutes, you will see a message telling you that the process has completed.

Your drive should now be securely wiped. If you were planning to give the computer to someone else, you can go ahead and reinstall Windows on it. When I used "clean all" to secure erase the SSD on a PC I was donating to charity, I was no longer able to see my deleted files on it using EaseUS Data Recovery.

Some experts claim that SSDs which have TRIM enabled -- most modern SSDs -- don't need to be securely erase because the process purges deleted data in the background. Unfortunately, you can't count on TRIM to purge all your blocks even if you attempt to force it by using Windows 10 or 11's Optimize Drive feature. I took the drive I'd wiped with Windows 10's reset feature and then ran Optimize Drive on it, but my sensitive files were still recoverable with EaseUS Data Recovery.

"This is an expected result from experience," DriveSavers Director of Engineering Mike Cobb told us. "TRIM doesn’t always function with all devices. This is why TRIM cannot be trusted, ever unless validated with the system and the actual drive model." 

DriveSavers is a leading data recovery service that uses its own set of proprietary tools to get deleted data off of clients' SSDs and hard drives. For companies that are especially concerned about the quality of their secure erases, DriveSavers offers its "Data Erasure Verification Service (opens in new tab) ," where experts will check to make sure that nothing can be recovered.

The best way to make sure an old-fashioned mechanical hard drive is securely erased is to overwrite it with dummy data multiple times. There's a popular freeware app called DBAN (Darik's Boot and Nuke) that writes to all the sectors using secure sanitization methods. 

DBAN is its own boot environment (no OS necessary) so you can use it to securely erase the boot drive on a computer without taking that drive out and attaching it to another PC. However, if the hard drive you're wiping is not the boot drive, you must be very careful when using DBAN so that you don't accidentally wipe the wrong drive.

1. Download the DBAN ISO file (opens in new tab) .

2. Write the ISO to a USB Flash drive (it only requires 20MB of space) so it becomes bootable. The easiest way to do this is by using Rufus (opens in new tab) , a free USB burning tool. Launch Rufus, click Select, choose the ISO and then click Start.

3. Boot from the DBAN USB drive. You will see a menu with a blue background and gray letters.

4. Press Enter to start interactive mode. The system will take a minute or two to detect your storage devices. A menu screen will then appear, showing all of your drives and some other options.

5. Select the drive(s) you wish to wipe. Use the J and K keys to move up and down and hit space to select the drive, which will now say "wipe" next to it.

6. Select the method of drive erasure by hitting M if you want something other than the default, DoD Short method. DoD short is a 3-pass version of the American Depart of Defense 5220.22-M wipe process. It overwrites all sectors with zeroes on the first pass, overwrites them with ones on the second pass and then uses a random pattern on the third pass. 

A standard DoD 5220.22-M erasure is 7 passes.  The more passes, the longer the secure erase takes. The DoD short method should be fine for most people so you can skip this step if you agree.

7. Hit F10 to start the process. Depending on the number of passes, the capacity of your drive and its speed, this could take a few minutes or several hours.

When it's complete, DBAN will show you a message stating that it has wiped all the drives you assigned to it.

Your hard drive should now be safe to give away or sell. If you plan to give away the computer with the hard drive in it, be sure to reinstall the operating system.

Get instant access to breaking news, in-depth reviews and helpful tips.

Thank you for signing up to Tom's Hardware. You will receive a verification email shortly.

There was a problem. Please refresh the page and try again.

Tom's Hardware is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site (opens in new tab) .

© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.