Sometimes just deleting files from your computer or a USB flash drive isn’t enough. There are times when you want to really erase them. There are various programs available to wipe everything off a drive and Gizmo’s has a selection of free ones at this link. But Windows also has a feature for securely erasing drives built right in with no need for anything extra.
It is a little-known command line tool called Cipher.exe. The tool has been around for a while and is used mainly for managing the Encrypted File System (EFS). However, it has a switch that provides for the over-writing of all free space on a drive with a random sequence of 1's and 0's. The syntax of the command is a little quirky and is frequently misunderstood in web articles. One peculiarity is that the Microsoft instructions seem to specify that you have to designate a folder and then all the free space on the drive that contains the folder will be over-written. The reason for including a folder in the syntax seems to be so that folders mounted as volumes are included. Here is the procedure to securely erase deleted files from a volume X:\
- Use the usual procedure to delete everything that is to be wiped off the drive X:\. Deleted files are actually still there in the free space so the next step is to write over the free space with the Cipher command.
- Open a command prompt with elevated privileges.(This previous tip explains how.)
- Enter the command cipher /w:X:\Somefolder
- Somefolder can be any folder that hasn’t been deleted. Unless the folder has been mounted as a drive, it isn't affected.
- Cipher will then write random bits all over the free space. It does three passes. It does not affect files that have not been deleted. Be aware that this could take hours for a large drive and might best be done overnight. Like a lot of Microsoft tools, it seems to be rather slow.
The syntax given in step 3 is taken from the Microsoft description (link here) and is repeated elsewhere. Whatever the Microsoft documentation may say, having to specify some arbitrary folder made no sense to me. So I tried cipher /w:X:\ (without designating a folder) on USB keys in Windows 7 and it seemed to work. Your experience may differ.
The Cipher command is available in most currently used Windows systems but not Windows XP Home.
If you wish to clean an entire volume, there is a second command-line option in Windows Vista/7. There is a switch for the Format command that zeroes all sectors. It is:
format X: /p
This will zero sectors once. To do n passes, the command is:
format X: /p:n
This is a full format and differs from Cipher in that it removes everything, not just deleted files. It may take a long time. The actual command you use may involve additional switches. Use this command with care.
If you want to safely erase the entire system, including Windows, then a third-party tool like DBAN that operates from an external disk is needed. DBAN is a free download at this link. Other options are discussed at Gizmo's Best Secure Erase Utility
Get your own favorite tip published! Know a neat tech tip or trick? Then why not have it published here and receive full credit? Click here to tell us your tip.
This tips section is maintained by Vic Laurie. Vic runs several websites with Windows how-to's, guides, and tutorials, including a site for learning about Windows and the Internet and another with Windows 7 tips.