How to Securely Wipe the Free Space on Your Windows PC
Are you selling, giving away, or disposing of a Windows PC? Learn how to securely wipe its hard drive so your data cannot be recovered.
When you delete files from your hard drive, did you know that the file never actually gets deleted and is likely able to be recovered using tools like Recuva? Normally this isn’t an issue as we use our computer each day; however, if you’re planning to sell or donate your computer and don’t want your old data to be recoverable, follow the steps below to wipe the free space on your hard drive. The process is the same and will work on Windows 7, 8, and Windows 10 and Windows 11.
What really happens when you delete a file?
When you delete a file on your computer, the only thing that’s removed is its reference in the master file table. The file still exists on your hard drive; however, Windows doesn’t know where the file is. This is because, as mentioned earlier, you’re only removing the indexes and the links to the data and telling Windows it has permission to overwrite that area of the hard drive.
So, until (and possibly after) the data is written over, it can be recovered by special tools or the right set of skills. The tools, or an experienced hacker, can scan the hard drive and look for the files and restore the links and indexes so Windows can see the files again. If you’re selling a computer or even disposing of one, you should securely wipe the free space on your PC’s hard drive so the files cannot be recovered.
Today we’ll show you how to use the cipher command on the command line to securely write over the free space several times to make sure no data can be recovered. We’ll also mention some third-party tools that do the same thing.
Cipher
Before using the cipher command to securely overwrite the free space on your hard drive, be sure you quit all programs. That ensures the maximum amount of free space is securely wiped.
Click the Cortana icon or the Search icon on the Taskbar and start typing “command prompt.” Then, click Command Prompt under Best match.
Type the following command at the prompt and press Enter.
cipher /w:c:
Data that is not allocated to any files or folders is overwritten three times and permanently removed. This can take a long time if you are overwriting a large amount of free space. If you want to wipe free space from a drive other than C, just change the drive letter as shown below.
Simply change the drive letter to wipe the free space from whichever drive you wish
Cipher goes through the following steps as it securely wipes the free space on your hard drive.
- The cipher command automatically creates a new folder on the C drive called EFSTMPWP and then creates a file in that folder with nothing but zeros in it. It will grow until the hard drive fills up.
- Then, cipher deletes that file and creates a second file that is filled with the number 255 repeatedly until the file grows big enough to fill the free space on the hard drive again.
- Next, cipher deletes the second file, creates a third file, and fills that with random numbers until your hard drive is full again.
- Finally, cipher deletes the third file and returns you to the prompt. Type exit at the prompt to close the Command Prompt window.
So, essentially, cipher wrote over the free space (old files) on your hard drive three times to ensure no one could ever scan your hard drive and recover the data you deleted from it.
If you watch your hard drive space, as cipher does its thing, don’t be surprised when you see your hard drive fill up. This is normal, as mentioned in the steps above, and space will be freed again.
CCleaner
If you’re not comfortable using the command line, there’s a free utility called CCleaner that allows you to wipe the free space on your hard drive securely.
NOTE: We are aware that CCleaner was hacked. However, it was the 32-bit version 5.33 distributed by Avast that was compromised. The company has since acknowledged the issue and fixed it to the point that we feel comfortable now recommended them still. That said, be sure you update to the latest version. CCleaner is still a useful and reliable tool.
There are two versions of CCleaner, free and paid. The feature that wipes the free space on your hard drive is available in the free version, so that will do just fine.
Once you’ve downloaded CCleaner and installed it, or updated it, open the program and click Tools on the left pane. Choose Free Space Only from the Wipe drop-down list. Make sure you DO NOT select Entire Drive, as this will erase ALL the files on your hard drive—unless that is what you mean to do. If you’re getting rid of the PC, you can use the Entire Drive option to wipe the entire drive. Be very careful when making this selection.
Select the overwriting procedure you want from the Security drop-down list. Simple Overwrite is fine for most situations. However, if you want CCleaner to behave like the cipher command, select Advanced Overwrite (3 passes). Finally, select the drive you want to securely wipe the free space in the Drives box and click Wipe.
Eraser
Another option for making sure your deleted data cannot be recovered is to delete your files and folders securely in the first place.
Eraser is a free, advanced security tool for Windows that allows you to securely delete data from your hard drive by overwriting it several times with carefully selected patterns, like the cipher command and CCleaner. The difference is you can do this when you delete the files and folders, not after. You can also securely wipe the free space on your hard drive to be extra safe.
When you download Eraser and install it, an option is added to the context (right-click) menu in File Explorer. Instead of deleting files and folders normally by pressing the Delete key, sending them to the recycle bin, and then emptying the recycle bin, you can use Eraser directly in File Explorer to securely delete files and folders.
To securely delete one or more files or folders, select what you want to delete, right-click on the selection, and then go to Eraser > Erase on the popup menu.
What do you use to wipe the free space on your hard drive securely? Or is this brand new information? Share your thoughts and experiences in the comments below.
17 Comments
Leave a Reply
Leave a Reply
I F Mosley
October 3, 2017 at 12:24 pm
Does ‘Cipher’ only work on the C: drive? If not, what would be the command line for, say, the D: drive?
Steve Krause
October 3, 2017 at 9:12 pm
Cipher will work on any active drive, all you need is a drive letter. The command would be:
cipher /w:c: for the C Drive
cipher /w:d: for the D Drive
cipher /w:e: for the E Drive
etc…
Hope this helps!
-Steve
Mark
March 15, 2022 at 11:02 am
The drive letter must be followed with colon or it defaults to C:
Danny
October 3, 2017 at 9:52 pm
Is it for hard drives only or will it work on SSDs? You know the more you write and delete on an SSD, the shorter the life span is. Your article says “hard drives”, no mention of SSDs.
I like to see more articles on SSDs just as you see all the articles on HDDs.
Vladimir V
October 29, 2017 at 6:25 pm
Yes. Mechanical and SSD drives should be wiped if you want the data gone.
Mechanical 3x minimum due to head jitter. SSD, one wipe is fine.
Frank Lobach
October 3, 2017 at 10:59 pm
Hi , this is fairly old news to me, as I have used CCleaner for years, although have not used the drive wiper fascility before. Just do the reg clean, & general scan as well as delete cookies in the same moment. I have used Revo Uninstaller to clean the free space on my PC, takes a long time, but does a thorough job too. Revo has just so many fasciltiies incorporated in it , the list is fantastic.Perhaps you can do an article on it, as as many people as possible should be aware of its possibilities, mainly to uninstal any programs not needed anymore, and then it will also find and delete any and all left over bits and pieces of that deleted program. Pretty comprehensive ability is old REVO.
There is in CCleaner,a duplicate file finder,system restore,drive wiper( from 1 overwrite up to 35 very complex wipes,choosing from any drives on your PC, Disk analyzer,Browser Plugins,and Start Up list that allows you to uninstall,repair,rename or delete anything from that list.It has an options list too, that is very comprehensive.Hope this is useful to you and others as well,cheers.
Danny
October 3, 2017 at 11:14 pm
I have both CCleaner and Revo Uninstaller Pro paid versions. The information in both of these programs says hard drives/HDD and not Solid State Drives/SSDs. The information on SSDs says that too many writes and deletes will shorten the life span of the SSDs.
All I want to know, can these programs listed in this article safely wipe SSDs without damaging/shortening the life span of the SSDs?
George
October 4, 2017 at 8:37 am
Writing is the only thing that causes wear on an SSD my friend. Deleting and reading files should have minimal to no wear. Which means that you can erase files without worrying about wearing down your SSD.
Danny
October 4, 2017 at 8:55 am
George, the information in the article above says that there will be multiple writes on the free space so that no information can be retrieved.
Again, it says multiple writes. No problem with HDDs, bad for SSDs.
George
October 11, 2017 at 7:31 am
If the same procedure applies to SSDs, then yes. That will be bad for an SSD.
But, then again, SSDs are mostly used to keep the OS and the 3rd party programs that we have there. They are not quite ideal for documents and other kinds of files. I’d suggest using an HDD for that purpose.
Steve Krause
October 11, 2017 at 12:56 pm
To answer your first question – Yes. SSD’s along with normal HD’s need to be wiped if you want the data to be unrecoverable. So, if you’re deleting files and not wiping them, you will want to wipe your free space as described in the article assuming you don’t want the file to be recoverable.
The second question – do I need to worry about destroying my SSD drive if I’m wiping files or wiping free space?
No. Not under normal circumstances and use. Just don’t wipe your drive daily and when you do, use a single pass (or 3 passes as mentioned in the article).
Sure, the SSD drive will eventually fail however you can be sure that won’t be for years to come, and most likely, you will upgrade to a new system long before you need to worry about your SSD drive dying because you’ve performed too many writes on it. And, if you’re wiping the drive prior to selling it…. exactly.
Vladimir V
October 29, 2017 at 6:24 pm
Also, multiple wipes are no longer needed on SSD drives. In the past, multiple wipes were needed because of JITTER or the hard drive head. Fragments could be left on the drive which is why we needed to do multiple writes over data you didn’t want a forensics analyst to recover.
With SSD drives, there’s no spinning platter or Jitter. ;)
Steve Krause
November 2, 2020 at 2:49 pm
Great points Vladimir. Thank you for that clarification.
Steve
groovyPost
Dickie
August 21, 2023 at 12:30 am
Although useful information (I wasn’t aware of this command), PLEASE edit the page with the correct syntax! I followed your instructions but for a different drive and, as pointed out in a previous comment, it defaulted to C:. Although in my case this was harmless, it is otherwise unexpected and may not be desirable in other situations.
John Cousins
April 28, 2024 at 6:52 am
Omit the last colon in the cipher command, so “cipher /w:d” wipes the free space on the D drive.
Steve Krause
April 28, 2024 at 10:52 am
Hi John,
That’s not correct. The colon at the end of the command ensures that the correct drive letter is used. If you don’t put a colon after the drive letter, it will default to C.
You can test this by opening up Task Manager and watching the Drives under the Performance Tab. You can run each of the commands below and see the Active time him 100% and the Write speed max out the drive as it wipes the free space on the drive.
So, as I stated back in 2017 (and as the article shows,) if you want to Wipe the free space from a drive, use the below commands based on the drive letter.
cipher /w:c: for the C Drive
cipher /w:d: for the D Drive
cipher /w:e: for the E Drive
Steve Krause
April 28, 2024 at 10:53 am
Hi Dickie – the article was updated.