How can I securely format a solid-state drive?

When selling / throwing away / giving away HDDs I always use DBAN to do a DoD wipe first.

Is this still a valid thing to do on an SSD?

Will it have an adverse effect on the SSD's lifespan?


A DoD wipe with DBAN would be unnecessary ...

SSD Security: Erase Solid State Drives Data

While it is still not common sense to securely erase data on hard drives (read: Securely Erase Files) before computers or hard drives are sold or given away the matter becomes even more complicated where SSD – Solid State Drives – are concerned. The positive aspect of Solid State Drives is that data cannot be recovered if it is overwritten on the drive which means that only one pass would be needed to erase the data on the SSD. The bad news however is that not the operating system but the controller is specifying where the data is written on the SSD.

This in effect means that all methods of overwriting free space are not sufficient for erasing the data securely on those drives. This also means as well that it is not possible to erase specific files securely on the SSD. Users who want to delete data securely on SSDs have therefor the following options at hand:

  • Encryption
  • Format
  • Filling the Drive

Encryption is surely the best method of ensuring that the data on a SSD is secure as it cannot be accessed without decryption. Formatting the drive on the other hand is only reasonable if no data on that drive is needed anymore. It would otherwise require extensive backup and restoration procedures. Filling the drive with data might work as well as it would overwrite anything on the drive as well.

Source


After the fact, but things have changed a lot in the last 10 months or so - a lot of SSD manufacturers are including (or will be soon) a secure erase function in their optional software utilities that will do the single wipe pass for you properly from a controller level. (I know Intel already has this and it works great.)


I agree with Molly minus the encryption. Encryption is a good way to protect data, but it doesn't erase it.

If you want to erase the whole SSD, DBAN on a single pass would work. I would set it to pseudorandom so if anyone looked it would look like it could be encrypted.

If you want to only wipe a file, using a conventional wipe program (one for a hard drive) would only make it save from undelete tools. I don't know of any data carving tools that are SSD/flash wear leveling aware, but I'm sure if they aren't out there, they will be. The most effective way to wipe a file from a SSD/flash is to fill all the free space.

All that said, I don't know if all the spare cells in the flash would be overwritten. (Most flash have spare cell just like hard drive have spare sectors.)

Also, strictly speaking, overwriting (no matter the passes done) is no longer authorized by the DoD to sanitization hard drives. Also, many software say DoD wipe but do the 3-pass and not the 7-pass. In addition, I hear from many people talking about hard drive magnetics and the best wipe is a multipass random pattern. They say having a known pattern would make reconstruction easier.