Solid State Drives (SSD) work a little differently than hard drives, and no amount of drilling holes, degaussing, or zeroing out will actually properly secure the SSD. If you need to get rid of an SSD, you have a couple of options: Encrypt or shred. Here’s what you need to know.
Photo by Laineema.
If you’re curious about the technical reasons why traditional formatting or hard drive destruction isn’t the best way to securely erase data on SSDs, Backblaze has a great guide that details why old hard drive methods don’t work. The short version is that there is no standard method for securely deleting data from an SSD, and that means there’s no universally accepted secure format option for SSDs. Some manufacturers make their own software for formatting their own hard drives, but it’s tough to independently verify any of them.
Instead, Backblaze (and others) suggest two approaches: Encrypt the SSD and throw away the key, or shred it. Shredding an SSD requires a special machine that most of us don’t have access to, so let’s just focus on the encryption method. This is good enough for most of us who aren’t working on top secret projects because without the encryption key, an encrypted SSD is basically just a drive full of random ones and zeroes.
If you’re getting rid of an SSD for whatever reason, the process is simple. Encrypt it first, format it, and if you want to be super careful, encrypt it again.
This guide assumes you want to remove, destroy and never again access data on your computer, so make sure everything is backed up because you will not get access to it again.
How to Encrypt an SSD on Windows
- Download and install VeraCrypt.
- Launch VeraCrypt and select System > Encrypt System Partition/Drive.
- Choose Normal encryption when prompted then click Next.
- Select “Encrypt the whole drive”.
- Assuming you only have one operating system installed, select Single-boot and click next.
- For Encryption Options, you can leave this on the default setting: AES for encryption algorithm and SHA-256 for Hash Algorithm.
- Create a password. You will need to enter this one more time before the process is over, so write it down for now.
- Follow the on-screen instructions to move your mouse around, and click Next when it’s all done.
- When asked to create a Rescue Disk, click Next. This is a required recovery option that assumes you want to continue using this SSD.
- Select “1-pass” for the Wipe Mode and click Next.
- Finally, click Test to test everything out. Once your computer reboots, you’ll be asked for your password. Enter that, then follow the on-screen instructions to complete the encryption process.
Once your done, you can toss out the encryption keys, making it nearly impossible for anyone to recover data from the SSD if they find.
How to Encrypt an SSD on Mac
You can easily encrypt your SSD on a Mac using the built-in encryption tool, FileVault:
- Open System Preferences and head to Security & Privacy > FileVault.
- Click the lock icon and enter your password.
- Click “Turn on FileVault”.
- When prompted, choose “Create a recovery key and do not use my iCloud Account”, then press Continue. Normally, you’d make a special note of this recovery key so you can access it later. Since you’re destroying the SSD, it’s not an issue.
- Restart your computer when prompted.
Your Mac’s SSD is now encrypted.
You can now format the drive. If you want to be extra careful, after you format it, encrypt it again. This ensures the first encryption key is overwritten completely. Doing so won’t make a huge difference in the likelihood of someone accessing it, but it’s a little better for peace of mind.