Secure Erase Hard Drive Mac Os
Macs hold their value very well, and it often makes sense to sell yours to help pay for the new model you are lusting after. Or you may be feeling generous, and you want to hand it down to someone needy. One question comes to mind; how do you secure your personal information? You do not want the new owner to have access to your banking information, browser history and chat logs, now do you? You really do not want to just hand it over as is. This MacTip will guide you through the disk erasing and fresh OS install process, so your can rest assured your data is safe no matter where your old Mac ends up. Following these steps will reset the computer to the “factory” unboxing state for the new owner to setup and enjoy.
Update: Originally published in March 2011, this guide was updated several times to stay current in light of removal of optical disk drives and updates to Internet Recovery. Last updated March 2017.
Erase Disk Mac
This guide will walk you though erasing your disk, and re-installing a fresh copy of macOS
Oct 10, 2010 Here are instructions on how to use Disk Utility to securely erase a hard drive connected internally or externally to your Mac. These instructions were written for Mac OS X 10.4 to 10.6. The process is very similar on older versions of Mac OS X, but the screens will look a. May 14, 2020 In this case, you’ll want to choose Macintosh HD to wipe the entire drive. Then, click the Erase button at the bottom of the window. Note: The Erase option will only appear as a clickable button when the computer is booted up using the command + R keys. Whether it’s a hard drive in an older Mac or an external hard drive, if it is accessible, you can use Disk Utility to securely erase it. Here’s how: Open Disk Utility via your Applications Utilities folder. Select the hard drive you want to securely erase from the list of available drives in the left column. Mar 01, 2011 Why you need to erase your hard drive/SSD. When you empty your trash bin on your Mac, the files are not really erased. Instead, the reference to the file is removed from the file system (which keeps a list of all the files on your computer), so the computer is able to write new information in the same physical area when space is needed. Although the Disk Utility app of Mac OS X can erase free space on Mac hard drive, there is a chance that it might not be able to do so in a secure manner. To make sure that the erasing of the free space is completed without any damage to the hard drive then using a data erasure tool is the best option.
Why you need to erase your hard drive/SSD
Delete Mac Hard Drive
When you empty your trash bin on your Mac, the files are not really erased. Instead, the reference to the file is removed from the file system (which keeps a list of all the files on your computer), so the computer is able to write new information in the same physical area when space is needed. This is much quicker than rewriting that disk space with blank data, and it also gives you a chance to recover accidentally deleted files with handy recovery software. We recommend erasing the drive with Apple’s Disk Utility keep your personal data safe.
Aug 30, 2016 Some Mac users may require the ability to erase a disk or erase a hard drive from the command line on Mac OS, a task which is typically performed through the Disk Utility application from the GUI. The command line approach to disk erasure in macOS is a bit different and it requires precise syntax to insure that you are erasing the proper disk, making this method of erasing any disk only.
Erasing your storage drive and performing a fresh install using macOS Recovery
You will need:
- A Wi-Fi network with an active Internet connection
- Time. Budget at least an hour for this process, slower Internet connections and older hardware will take longer.
Let’s begin!
Steps may vary with different version of macOS, and hardware configurations but the general idea is the same. We are erasing a 2014 MacBook Air running MacOS 10.12 Sierra, but the steps will be similar with any recent Mac. We are assuming you already copied all your data to an external backup, or to your new Mac, because the following steps will really erase your disk.
- Restart your Mac and hold down the following button combination:
Option + Command + R - The computer will begin to boot into the MacOS Recovery mode. The macOS Utilities menu will appear after a few minutes.
- Open Disk Utility to begin the disk erasing process. Select the Internal storage disk in the left-hand menu. It will be called Apple SSD on recent Macs.
- Click on the Erase button at the top of the Disk Utility, this brings up our disk formatting options. MacintoshHD is the default disk name in macOS, disk format required is Mac OS Extended (Journaled), and the Scheme is GUID Partition Map.
- After erasing the disk you are ready to move on to the operating system installation. An Internet connection is required to download a copy of macOS from Apple. Connect to a Wi-Fi network by clicking on the Wi-Fi icon at the top right of the menu bar.
- Now that you are connected to the Internet, click Reinstall macOS in the macOS Utilities menu.
- Follow the install prompts in the installation guide, read and agree the terms and conditions.
- When prompted to select an install disk, select the disk that we had just erased. There will only be one option in most cases.
- The computer will download a copy of macOS from Apple, and install it on the disk. The system download is several Gigabytes in size, therefore the length of time is determined by the speed of your internet connection.
- Once the installation is complete, the Mac will restart and display the factory fresh Welcome screen. At this point your Mac is ready to be handed over to a new owner.
- Unless the new owner is right there already with you, you will probably want to power down the Mac. Press the power button and a dialog box will appear that allows you to shut down.
- Give your beloved Mac a good physical wipe down with some dry cloths, and wave it goodbye.
Securely wiping a drive, removing all of its data, and ensuring that no meaningful information can be recovered, has long been a feature of Disk Utility and its erase function. Even though the default for Disk Utility is a simple erase, a secure wipe was just a few clicks away.
Two recent changes have made the traditional secure wipe, performed by overwriting a volume multiple times with various types of data patterns, largely a thing of the past. The first change, leading to less reliance on the various secure wipe options, has been the proliferation of SSDs, both as original equipment provided by Apple and by resellers, such as OWC, which bring higher performance storage systems to the Mac.
(Using the Security Options to sanitize a volume may be a thing of the past.)The second change that directly affects the Mac community, at least in the way free space can be securely erased, is the release of the APFS file system, and how it makes use of shared space between multiple volumes.
In this guide, we’re going to look at erasing volumes, partitions, and containers. We’ll be looking at drives formatted with APFS as well as those formatted with the traditional HFS+ file system. If you’re working with macOS Sierra or earlier, you may find the Rocket Yard Guide: How to Use Mac’s Disk Utility to Securely Wipe a Drive a good source of information for erasing your drives.
We’ll be using the Disk Utility app included with macOS High Sierra and later.
Erasing a Volume: The Basics
Let’s start off with erasing a volume to casually remove any stored data on the selected volume. In this case, we just want to free up the space for a new use, and aren’t worried about anyone being able to recover any of our old data.
Launch Disk Utility, located in the /Applications/Utilities folder.
Select View, Show All Devices, or click the View button in the Disk Utility toolbar, and select Show All Devices from the popup menu.
In macOS High Sierra and later, volumes can be carved out of the drive using partitions, or if the drive is formatted with APFS, they can be part of a container. By setting the sidebar to Show All Devices, we can readily see what a volume is associated with. This can affect the way we might choose to erase a volume.
(Make sure the volume you wish to erase is selected, then use the Erase button in the toolbar to begin the erase process.)In the sidebar, select the volume you wish to erase. The volume is the lowest item in a drive’s hierarchical view. You should see “Physical Drive, Volume” for HFS+ formatted drives, or “Physical Drive, Container, Volume” for APFS formatted drives.
With the volume you wish to erase selected, click on the Erase button in the Disk Utility toolbar, or select Erase from the Edit menu.
The Erase sheet will drop down, presenting the options to change the volume’s name and format, and whether to use any of the Security Options. In this example, we’re just performing a simple erase, so leave everything as is, except for changing the name, if needed, and then click the Erase button.
The erase sheet will change to display a progress bar. When the erase has finished, click the Done button.
Erasing a Hard Drive Volume with Security Options
If you wish to erase a hard drive’s volume and ensure the old information it contained can’t be easily recovered, you can use the Security Options offered when choosing the erase function.
But before you make use of the Security Options, make sure the volume being erased is part of a hard drive and not a fusion drive or an SSD. The security options can shorten the life of SSDs by causing excessive writes to the SSD to occur. In the case of SSDs, for all but the most advanced security needs, you don’t need to use any of the multiple write security options to prevent old information from being recoverable.
(The Erase Security Options feature lets you pick the number of write passes that are made on the selected volume.)If the volume you wish to erase is part of a hard drive, follow the steps outlined in Erasing a Volume: The Basics, above, until the erase sheet is shown. At this point, click the Security Options button.
The Security Options sheet will be displayed, showing a slider you can use to select one of four methods to erase the selected drive. The Fastest method is the same as the standard erase, and performs no special function to ensure any level of security. Picking this option will result in the volume being erased, but data can be recovered with basic data recovery apps.
Moving the slider one click towards the right will produce the first secure erase, which writes a pass of random data followed by a pass of all zeros across the selected volume. This two-pass write method will keep most individuals with prying eyes using conventional data recovery techniques from being able to access your old information.
The next security option produces a DOE-compliant three-pass secure erase. It uses two passes of random data followed by a third pass using a predefined data pattern. Using this method should secure your old data against most individuals, businesses, and governments not willing to spend excess money or time to uncover your data.
How To Erase A Disk For Mac
The last and most secure option is a seven-pass erasure that meets DOD 5220-22M standards for a secure wipe of magnetic media.
As you advance the slider to more secure options, you also substantially increase the time it takes to perform the erase. Make sure you really need this level of security before proceeding.
Make your selection and click the OK button, then click the OK button to begin the actual erase.
Securely Erasing SSDs and APFS Volumes
Unless you need to meet a specific business or government requirement, SSDs don’t need to use the secure erase options listed above. By their physical nature, SSDs are inherently secure after a basic erase process. The reason for this has to do with the internal architecture, logical to physical cell mapping, and wear leveling. Once the logical to physical map is removed, which occurs during a standard erase, accessing the internal data would just produce a hodge-podge of data that would be nearly impossible to decipher. You can read more about this in How to Use Mac’s Disk Utility to Securely Wipe a Drive.
If you’re really worried about old information on your SSD being recoverable, and you don’t think the inherent security offered by how an SSD works is enough, you can use this next method to produce an enhanced secure erase.
(Erasing a volume by changing the format to include encryption, followed up by a second standard erase, will create a nicely sanitized volume with little chance of data recovery.)A better and much faster method to produce a sanitized SSD volume is to encrypt the data on the drive, and then erase it, removing the stored encryption key along with everything else. Since encrypting the volume will make use of 128-bit encryption and use a 256-bit encryption key, it’s estimated it would take one billion years using brute force to break the encryption. Of course, it’s also possible that the first brute force attempt could break the encryption, but it isn’t very likely.
Discover more about setting up and using encryption in the Rocket Yard Guide: Data Privacy Day: Keep Your Data Safe From Prying Eyes with FileVault.
If you’re using an APFS volume or an HFS+ volume, you can use the optional encryption format, available when you erase a drive. Simply follow the steps in Erase a Volume: The Basics, above, and when the Erase sheet appears, change the format drop-down menu to APFS (Encrypted), or Mac OS Extended (Journaled, Encrypted).
You can also encrypt a volume by right-clicking on the volume on the Desktop or in a Finder window and selecting Encrypt “Volume Name” from the popup menu.
Erasing APFS Containers
APFS volumes share the space within a container. This space sharing has a number of advantages, letting your volumes grow and shrink automatically as needed. But it could also have a security disadvantage. The shared space area of a container could hold old file data, even though the volume that originally contained the information was deleted.
If the container uses APFS encryption or the APFS formatted drive is an SSD, this should not be a concern. In the case of an SSD, the logical to physical map detailing the location of any old file was removed when the volume was deleted. And if the volume was using encryption, the encryption key was lost when the volume was removed.
Even so, some of you will want to be doubly, or even triply, sure, and erase the container when a volume is also deleted.
Note: This process is only valid when a container houses multiple volumes and the physical drive contains multiple containers. If you have a container with only a single volume there’s no need to remove the container.
(Use the minus (-) button to remove a container.)To erase a container, select the container from the Disk Utility sidebar.
With the container selected, click the Partition button in the toolbar.
A sheet will drop down, asking if you wish to partition or add a volume. Click the Partition button.
A pie chart will appear, displaying any container or partitions on the physical drive. Make sure the container you wish to remove is selected in the pie chart.
Warning: The next steps will erase data from the selected item.
Click the minus (-) button to have all volumes housed within the container, as well as the container itself, removed. The pie chart will be updated to show the outcome. If this is what you intended, click the Apply button; otherwise, click the Revert button to leave the drive untouched.
Wiping a Volume, Container, or Drive: Troubleshooting
One of the more common problems you may encounter is the failure of an erase or a secure erase process to finish. In most cases, the problem occurs when the targeted volume or container fails to unmount. This can occur because one or more files is in active use. Close all open apps, including Disk Utility, then relaunch Disk Utility and try again.
If you still have an unmount failure, you can try manually unmounting the volume by selecting the volume in the Disk Utility sidebar, and then select Unmount from the Edit menu.
Another common problem is the inability to delete a container. This problem can arise when a container houses multiple volumes. Normally, deleting a container should force all volumes within the container to be removed, and then the container to be deleted. If a volume should fail to be removed, the container delete process will quit with an error. Try deleting each volume within the container by right-clicking the volume in the sidebar and selecting Remove Volume from the popup menu. Repeat for each volume within the container.
You can also run into an issue if the container you wish to delete is the first container on a drive. APFS drives require at least one container. Instead, perform an erase on the physical drive (Warning: All data on the drive will be lost).
Be Sociable, Share This!
OWC is on-site wind turbine powered at 8 Galaxy Way, Woodstock, IL 60098 | 1-800-275-4576 | +1-815-338-8685 (International)
All Rights Reserved, Copyright 2018, OWC – Since 1988