Identifying Types of Drives
There are different procedures on how to wipe an entire drive securely depending on the types of drives you use.
Traditional Spindle Hard Drives
- Download sdelete from sysinternals
https://docs.microsoft.com/en-us/sysinternals/downloads/sdelete - Find out the exact drive letter of the drive you wish to delete
- Run cmd.exe (command prompt) as an administrator. Type in the following and press Enter:
sdelete.exe -p 2 -c {drive letter} - Wait patiently
SSD/Hybrid Drives
For SSD/Hybrid drives, the procedure is different on erasing the drive safely and securely.
You will also need to check whether if the drive has a PSID or not.
With PSID
- Download sedutil-cli from https://github.com/Drive-Trust-Alliance/sedutil/wiki/Executable-Distributions
- Run Command Prompt (cmd.exe) as an administrator
- Type “sedutil-cli –scan” to find the drive you want to erase (you should see Yes next the the drive your working with).
- You should see the following message:
“INFO: revertTper completed successfully.”
If you get a message that says “NOT_AUTHORIZED” you entered the PSID wrong.
Without PSID
Do not use a standard drive wipe writing zeroes as you would with a spindle drive!
- Encrypt the disk with a long encryption key that you do not save.
Bitlocker: https://support.wdc.com/knowledgebase/answer.aspx?ID=14075
Veracrypt: https://www.veracrypt.fr/en/Downloads.html - Format the disk
- Encrypt the disk a second time
- Format for reuse