Appendix A: Using Cipher.exe to Wipe a Used Hard Disk Clean

Article
03/05/2008

Deleting or formatting a disk is not sufficient to remove confidential information from that disk. A skilled attacker may be able to restore files. Therefore, before redeploying a computer or hard disk, clean the contents.

To use Cipher.exe to wipe a used hard disk clean to protect the confidentiality of the data that formerly had been stored on the disk

Mount the hard disk in a computer running Windows.

To do this efficiently for multiple disks, connect the drive to a USB 2.0 to Serial Advanced Technology Attachment (SATA) or Intelligent Drive Electronics (IDE) adapter, and then connect the adapter to a USB port on the Windows computer.
Note the newly connected disks drive letter. Format the disk by running the following command:
```
FORMAT drive_letter: /FS:NTFS /V:label /X
```
When prompted, press ENTER.
After formatting is complete, run the following command to cryptographically erase residual data on the disk:
```
CIPHER /W:drive_letter:\
```

Cipher.exe erases residual data on the formatted disk by writing the disk with all 0s, then with all 1s, then with random numbers. The original data on the disk will now be very difficult to salvage; however, it may still be possible to salvage original data. For additional security, run the Cipher.exe command multiple times.

To improve the efficiency of cleaning a large number of disks, create a batch file containing these two commands, or connect and clean multiple disks simultaneously.

Appendix A: Using Cipher.exe to Wipe a Used Hard Disk Clean

Additional resources