What’s The Best Way To Erase A Hard Drive?

You’ll notice that the title of this article does not say format a hard drive but rather erase.

Most people are under the assumption that formatting a hard drive erases everything on it. Not true. A formatted drive can have its data recovered easily with utilities like this one.

Residual data that remains on a hard drive after it’s been formatted is referred to as data remanence.

While it is said that there is no way to truly erase a hard drive, low level formatting using what’s commonly known as a "DoD-7" will make it extremely difficult to recover data once this type of formatting has been performed.

The technical name for the DoD-7 is the US Department of Defense’s standard "National Industry Security Program Operating Manual" (US DoD 5220.22-M ECE). This formatting method overwrites a file seven times and is considered secure.

The DoD’s approach is, "Overwrite all addressable locations with a character, its complement, then a random character and verify."

DoD-7 formats take a very long to complete, usually several hours. For some larger drives it may take the better half of a day before it’s finished.

When it is appropriate to perform DoD-7 formats?

For normal home use it’s not necessary since you are the one using the hard drive. However if you’re selling a hard drive or selling a computer with a hard drive you’ve used before, you should DoD-7 format it. Doing so gives you peace of mind that whoever gets your drive or computer won’t get access to any data that was on there before.

How can you perform a DoD-7 format?

There are both free and paid utilities to do this task.

One of the better paid utilities is KillDisk. This software is very convenient because not only will it install to a floppy disk, but also make a self-bootable USB stick or CD. Most of you out there would probably use a USB stick. Simply pop the stick in, run the software, choose the appropriate drive letter and you’ll have a boot-ready stick in a few short minutes. It has both DOS and Windows options, but to be honest the DOS version is easier and loads much faster.

A freeware utility that many swear by is Darik’s Boot and Nuke, commonly known as DBAN. It’s not as easy to use or configure as KillDisk is, but it definitely does the job.

Final note: Concerning low level formatting of this type, there is literally no reason to have a Windows style environment to do it. It is completely unnecessary to have VGA resolution and a mouse pointer just to perform a format. Do it the DOS/terminal way because it’s the best, fastest and most efficient.


  1. For those of you who use Linux like myself, there is a very easy method. Open a terminal and then type:

    dd if=/dev/zero of=/dev/hda (*)

    * Or replace ‘hda’ with whatever volume your interested in formatting

  2. I’m curious, wouldn’t it be just as secure for the disk to be written to all zeros the first time rather than erasing it seven times over?

    • No. A 1-pass (which is what you’re referring to) is no more secure than FORMAT C:. The DoD-7 formats, verifies and uses random characters to ensure secure erasure. 1-pass method can have data recovered easily. DoD-7 is a whole lot more difficult to do the same.

      The most secure that exists is the Gutmann 35-pass. This takes an excruciatingly long time to complete, but for the most secure erasure of super-sensitive data, there is no better.

      • Rich, I agree with you about the format command. A “format c:” only clears out a few areas in the file system and the links, or pointers, to those locations on disk. Files are easily recoverable. However I disagree with you about a single pass wipe on a drive. A single pass of 1’s or 0’s or whatever else you like is more then enough to stop someone from reading your drive. The days of reading “off-track” data have been long gone. Though it’s true there could be data in those regions, it would take millions of dollars of equipment to not only scan those regions of the drive, but to also decipher the encoding scheme used to write that data to the spinning platters, not to mention taking out the drive positioning information(servo) that is written every few sectors, sometimes right in the middle of them. No software has the smarts to get the heads to read off track and decipher this information. If people are looking at your drives that close, you better leave the country!

  3. Does that mean that (on Linux) the operation “dd if=/dev/zero of=/dev/hda” should be repeated at least 7 times? 😮

    • The UNIX dataset definition command’s primary purpose is for low-level copying and conversion of raw data, and not as a magnetic drive formatting utility. If you “dd” a drive, it is no more secure in erasure than FORMAT C:.


      One more note: If you were to use dd in a semi-secure way to wipe a drive, the proper way would be this:

      dd if=/dev/urandom of=/dev/hda

      That will wipe an entire disk with random data. But it’s still nowhere near as good as DoD-7.

      • …Which raises the question: How do you perform a valid DoD-7 formatting on Linux?
        By the way, thanks for the ‘urandom’ tip. 😉

  4. I’d just thought I’d like to add, that it is essential to run a basic eraser program to get rid of cookies and cashe and passwords and stuff, and also to delete the pagefile.sys file before you erase the slack space on any hard drive.

    • Obviously, I mean if you are selling a used pc that you are going to keep , say, the same windows operating system on

Speak Your Mind