When you delete a file from your computer, it doesn’t simply disappear from existence—at least, not right away. Even if you immediately empty the Recycle Bin or Trash folder, all your deletion does is earmark the space that file takes up on your hard drive as vacant. Until another file or application comes along to make use of that room, the old data will remain. This is why specialized programs can often recover deleted files for you.
But recovery isn’t always a priority. If you want to securely delete sensitive files, or you’re selling your old computer to another person, you need to make sure that no clever software will ever be able to bring your old files back from the dead. Follow this guide to make sure unwanted files disappear from your computer, tablet, or phone forever, beyond the reach of even the most determined data forensics team. Just make sure you really want to permanently erase the data before you start.
No matter what type of computer you’re using, your first move should be to delete the file from File Explorer in Windows or Finder in macOS. Then clear out whichever undelete tool your operating system uses—either the Recycle Bin or the Trash folder. That’s where most people would stop and move on to another task, leaving their data vulnerable. But you’re not most people.
If you’re using an older desktop computer or laptop, it probably has a traditional mechanical hard drive, also called an HDD. If you’re unsure, a quick glance at the specs should tell you one way or another. Data on these drives is stored close together, which makes the information easier to recover.
To overcome this problem and securely remove a file or folder, you’ll need the help of a third-party program. For Windows, the simple Eraser tool is one of the best, or you can try Recuva, which is billed as a file recovery program but also performs secure deletions. Both free programs work similarly: They overwrite the vacant space on your drive with random data so the original files and folders can’t be brought back.
For a Mac with a mechanical hard drive, the process depends on the age of your machine. On newer HDD Macs, we’d recommend Permanent Eraser, which is free. Simply point this app to the files and folders you want to get rid of, and it will take care of the rest. But if you’re running an older device with Yosemite or an earlier version of macOS, you can simply open the Finder menu and choose Secure Empty Trash, an option that overwrites all the files in the Trash folder with junk data.
The options differ because Apple removed the Secure Empty Trash function from El Capitan and all subsequent versions of its software. The company did so because its new MacBooks use solid-state drives, or SSDs, which work differently than mechanical HDDs. If your Windows or Mac machine has an SSD, you’ll need a distinct approach.
Many laptops, especially those built by Apple, contain solid-state drives. These are becoming ubiquitous because they’re much faster than hard drives, though they are more expensive. SSDs also handle file deletions differently than mechanical drives: They don’t give you the same control over where data gets saved, so overwrite programs won’t work.
So, instead of writing over deleted files, SSD users need to encrypt the disk. Encryption means the username and password you use to log onto your computer will act as an unlock code for the files, even if they’ve been deleted. Without that code, no one can read what’s on your computer or recover erased files. The only danger is if someone discovers your username and password combination, logs onto your machine, and fires up a file recovery program. Because SSDs store bits of data at random locations around the disk, you don’t really have any way to prevent people from doing this. Just choose a strong password and be careful about who has access to your computer.
Macs should automatically encrypt files, but you can make sure by opening up System Preferences, then Security & Privacy, and the FileVault tab. If it isn’t already set to “on,” turn FileVault on, and it will make sure your deleted files become inaccessible. On Windows 10, you can employ the built-in BitLocker tool (search for it from the taskbar), but only if you have Windows 10 Pro. If you don’t, you can use a third-party alternative, such as the free VeraCrypt, to encrypt your disks.
If you’re selling your computer and want to permanently delete everything on it, you can go beyond encryption to protect your data. First, transfer everything you want to keep to another machine, remembering to back it up. Then, fully reinstall the operating system to securely wipe all the data on the SSD.
To reinstall macOS, follow Apple’s instructions. For Windows, you can follow Microsoft’s reinstallation instructions, or use SSD manufacturer tools to perform a full wipe as comprehensively as possible. These tools are available for SanDisk, OCZ, Samsung, and other SSDs.
Computers get a lot of data security press, but many of us keep vulnerable information on tablets and phones as well. These devices rely on flash storage similar to that used in SSD drives, so the deletion principles are the same: With no easy way to securely delete files, you must encrypt the data stored on your mobile devices. On the bright side, it’s virtually impossible to recover deleted files because apps only get limited control over the file systems on smartphones and tablets. That means you don’t really have to worry about files making an unwanted return on these devices.
Rather than bothering with secure deletion, you should instead protect your phones and tablets against unwanted visitors: Enable a fingerprint ID or at least a PIN code to prevent anyone but you from accessing your devices. If no one else has access, they can’t mess around and recover erased files, which would take a high level of technical know-how anyway. All iOS devices, as well as all Android devices that run version 6.0 (Marshmallow) or later, apply encryption by default. So as long as you protect your lock screen, you’ll be able to protect your data as well.
That said, if you’re getting rid of your mobile device, you should perform a complete factory reset to securely wipe everything on it. As always, make sure you have backups before you do. Your next step in iOS will be to hit the Reset option within the General menu inside the Settings app. On an Android device, open Settings and head to System, Advanced, and then Reset options. In there, you’ll find Erase all data (factory reset). In some cases, it is technically possible to retrieve data after such a reset, but that would require FBI levels of skills, so don’t lose sleep over it.
One final option we haven’t mentioned is putting on a pair of safety goggles and taking a hammer to your hard drive or smartphone and bashing it into oblivion. For good measure, you can run a few nails through the hard drive or flash storage to make sure it can never be accessed again. After that type of damage, no one will ever touch your deleted files. If you’re getting rid of your computer or mobile device, physical destruction is the ultimate in paranoid data protection.
This article was written by David Nield on Popsci