How to wipe free space in Windows natively











up vote
7
down vote

favorite
1












Due to the nature of how filesystems like NTFS work, files that are deleted "permanently" from within Windows aren't immediately deleted - they're simply marked as deleted from the Master File Table (the hard drive's index) and therefore inaccessible from within the operating system using normal means.



This means that although a little harder to get to, they still exist on the drive until the space they occupy is overwritten by a newer piece of data, which can be never at all depending on how much free space the hard drive has. This makes deleted data easily recoverable to anyone capable of using dedicated data recovery tools like Recuva and GetDataBack.



On Windows, the wiping of free space is usually done via a (typically bloated) third-party GUI, despite the fact that it can be done relatively simply via the command-line in Linux.



Does such a command-line tool exist for Windows?










share|improve this question




























    up vote
    7
    down vote

    favorite
    1












    Due to the nature of how filesystems like NTFS work, files that are deleted "permanently" from within Windows aren't immediately deleted - they're simply marked as deleted from the Master File Table (the hard drive's index) and therefore inaccessible from within the operating system using normal means.



    This means that although a little harder to get to, they still exist on the drive until the space they occupy is overwritten by a newer piece of data, which can be never at all depending on how much free space the hard drive has. This makes deleted data easily recoverable to anyone capable of using dedicated data recovery tools like Recuva and GetDataBack.



    On Windows, the wiping of free space is usually done via a (typically bloated) third-party GUI, despite the fact that it can be done relatively simply via the command-line in Linux.



    Does such a command-line tool exist for Windows?










    share|improve this question


























      up vote
      7
      down vote

      favorite
      1









      up vote
      7
      down vote

      favorite
      1






      1





      Due to the nature of how filesystems like NTFS work, files that are deleted "permanently" from within Windows aren't immediately deleted - they're simply marked as deleted from the Master File Table (the hard drive's index) and therefore inaccessible from within the operating system using normal means.



      This means that although a little harder to get to, they still exist on the drive until the space they occupy is overwritten by a newer piece of data, which can be never at all depending on how much free space the hard drive has. This makes deleted data easily recoverable to anyone capable of using dedicated data recovery tools like Recuva and GetDataBack.



      On Windows, the wiping of free space is usually done via a (typically bloated) third-party GUI, despite the fact that it can be done relatively simply via the command-line in Linux.



      Does such a command-line tool exist for Windows?










      share|improve this question















      Due to the nature of how filesystems like NTFS work, files that are deleted "permanently" from within Windows aren't immediately deleted - they're simply marked as deleted from the Master File Table (the hard drive's index) and therefore inaccessible from within the operating system using normal means.



      This means that although a little harder to get to, they still exist on the drive until the space they occupy is overwritten by a newer piece of data, which can be never at all depending on how much free space the hard drive has. This makes deleted data easily recoverable to anyone capable of using dedicated data recovery tools like Recuva and GetDataBack.



      On Windows, the wiping of free space is usually done via a (typically bloated) third-party GUI, despite the fact that it can be done relatively simply via the command-line in Linux.



      Does such a command-line tool exist for Windows?







      windows hard-drive command-line security cmd.exe






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 9 at 23:24

























      asked Nov 9 at 0:25









      Hashim

      2,83962852




      2,83962852






















          1 Answer
          1






          active

          oldest

          votes

















          up vote
          7
          down vote













          Such a tool exists in the form of a little-known Windows utility called cipher.



          cipher.exe has been included in Windows systems since Windows 2000, and had the original purpose of encrypting and decrypting files and folders using EFS encryption.



          However, all that's needed to securely wipe the free space on a hard drive is Cipher's /w switch:



          cipher /w:C:


          Note that cipher's syntax is slightly odd in that it requires one colon after the /w switch, followed by the drive letter of the drive that you want to securely wipe. If your system contains both a boot drive and a data drive, you'll want to wipe both separately with cipher /w for maximum security, or wipe just the data drive to cover yourself for most purposes.



          enter image description here



          cipher works by creating a folder called EFSTMPWP on the root of the target drive; inside this folder, it successively fills three temporary files with zeroes, ones, and random numbers respectively, one after the other, to the size of the empty space left on the drive. By the time a file has taken up all of the drive's empty space, it's effectively forced the filesystem to overwrite all data held in its free space with the file's newly-written data, rendering any data previously held there permanently irrecoverable.






          share|improve this answer























          • Please be aware that on SSDs with overprovisioning, there are blocks that the OS is not aware of. The SSD itself will necessarily have vendor-specific tools for wiping those.
            – Christopher Hostage
            Nov 18 at 0:02











          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "3"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1373948%2fhow-to-wipe-free-space-in-windows-natively%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          1 Answer
          1






          active

          oldest

          votes








          1 Answer
          1






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes








          up vote
          7
          down vote













          Such a tool exists in the form of a little-known Windows utility called cipher.



          cipher.exe has been included in Windows systems since Windows 2000, and had the original purpose of encrypting and decrypting files and folders using EFS encryption.



          However, all that's needed to securely wipe the free space on a hard drive is Cipher's /w switch:



          cipher /w:C:


          Note that cipher's syntax is slightly odd in that it requires one colon after the /w switch, followed by the drive letter of the drive that you want to securely wipe. If your system contains both a boot drive and a data drive, you'll want to wipe both separately with cipher /w for maximum security, or wipe just the data drive to cover yourself for most purposes.



          enter image description here



          cipher works by creating a folder called EFSTMPWP on the root of the target drive; inside this folder, it successively fills three temporary files with zeroes, ones, and random numbers respectively, one after the other, to the size of the empty space left on the drive. By the time a file has taken up all of the drive's empty space, it's effectively forced the filesystem to overwrite all data held in its free space with the file's newly-written data, rendering any data previously held there permanently irrecoverable.






          share|improve this answer























          • Please be aware that on SSDs with overprovisioning, there are blocks that the OS is not aware of. The SSD itself will necessarily have vendor-specific tools for wiping those.
            – Christopher Hostage
            Nov 18 at 0:02















          up vote
          7
          down vote













          Such a tool exists in the form of a little-known Windows utility called cipher.



          cipher.exe has been included in Windows systems since Windows 2000, and had the original purpose of encrypting and decrypting files and folders using EFS encryption.



          However, all that's needed to securely wipe the free space on a hard drive is Cipher's /w switch:



          cipher /w:C:


          Note that cipher's syntax is slightly odd in that it requires one colon after the /w switch, followed by the drive letter of the drive that you want to securely wipe. If your system contains both a boot drive and a data drive, you'll want to wipe both separately with cipher /w for maximum security, or wipe just the data drive to cover yourself for most purposes.



          enter image description here



          cipher works by creating a folder called EFSTMPWP on the root of the target drive; inside this folder, it successively fills three temporary files with zeroes, ones, and random numbers respectively, one after the other, to the size of the empty space left on the drive. By the time a file has taken up all of the drive's empty space, it's effectively forced the filesystem to overwrite all data held in its free space with the file's newly-written data, rendering any data previously held there permanently irrecoverable.






          share|improve this answer























          • Please be aware that on SSDs with overprovisioning, there are blocks that the OS is not aware of. The SSD itself will necessarily have vendor-specific tools for wiping those.
            – Christopher Hostage
            Nov 18 at 0:02













          up vote
          7
          down vote










          up vote
          7
          down vote









          Such a tool exists in the form of a little-known Windows utility called cipher.



          cipher.exe has been included in Windows systems since Windows 2000, and had the original purpose of encrypting and decrypting files and folders using EFS encryption.



          However, all that's needed to securely wipe the free space on a hard drive is Cipher's /w switch:



          cipher /w:C:


          Note that cipher's syntax is slightly odd in that it requires one colon after the /w switch, followed by the drive letter of the drive that you want to securely wipe. If your system contains both a boot drive and a data drive, you'll want to wipe both separately with cipher /w for maximum security, or wipe just the data drive to cover yourself for most purposes.



          enter image description here



          cipher works by creating a folder called EFSTMPWP on the root of the target drive; inside this folder, it successively fills three temporary files with zeroes, ones, and random numbers respectively, one after the other, to the size of the empty space left on the drive. By the time a file has taken up all of the drive's empty space, it's effectively forced the filesystem to overwrite all data held in its free space with the file's newly-written data, rendering any data previously held there permanently irrecoverable.






          share|improve this answer














          Such a tool exists in the form of a little-known Windows utility called cipher.



          cipher.exe has been included in Windows systems since Windows 2000, and had the original purpose of encrypting and decrypting files and folders using EFS encryption.



          However, all that's needed to securely wipe the free space on a hard drive is Cipher's /w switch:



          cipher /w:C:


          Note that cipher's syntax is slightly odd in that it requires one colon after the /w switch, followed by the drive letter of the drive that you want to securely wipe. If your system contains both a boot drive and a data drive, you'll want to wipe both separately with cipher /w for maximum security, or wipe just the data drive to cover yourself for most purposes.



          enter image description here



          cipher works by creating a folder called EFSTMPWP on the root of the target drive; inside this folder, it successively fills three temporary files with zeroes, ones, and random numbers respectively, one after the other, to the size of the empty space left on the drive. By the time a file has taken up all of the drive's empty space, it's effectively forced the filesystem to overwrite all data held in its free space with the file's newly-written data, rendering any data previously held there permanently irrecoverable.







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited Nov 17 at 23:02

























          answered Nov 9 at 0:25









          Hashim

          2,83962852




          2,83962852












          • Please be aware that on SSDs with overprovisioning, there are blocks that the OS is not aware of. The SSD itself will necessarily have vendor-specific tools for wiping those.
            – Christopher Hostage
            Nov 18 at 0:02


















          • Please be aware that on SSDs with overprovisioning, there are blocks that the OS is not aware of. The SSD itself will necessarily have vendor-specific tools for wiping those.
            – Christopher Hostage
            Nov 18 at 0:02
















          Please be aware that on SSDs with overprovisioning, there are blocks that the OS is not aware of. The SSD itself will necessarily have vendor-specific tools for wiping those.
          – Christopher Hostage
          Nov 18 at 0:02




          Please be aware that on SSDs with overprovisioning, there are blocks that the OS is not aware of. The SSD itself will necessarily have vendor-specific tools for wiping those.
          – Christopher Hostage
          Nov 18 at 0:02


















           

          draft saved


          draft discarded



















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1373948%2fhow-to-wipe-free-space-in-windows-natively%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          Popular posts from this blog

          Probability when a professor distributes a quiz and homework assignment to a class of n students.

          Aardman Animations

          Are they similar matrix