Erase free space securely in Windows without third party tools

When you delete files in Windows, they can be easily recovered. Windows only marks the file as deleted, but physically the files stay on the hard drive until they are overwritten by new data. Although on an SSD, they are harder to recover than hard drives because of TRIM and garbage collection done by the SSD controller, all of the deleted data is not securely wiped by default. If you deleted some sensitive data and want to be sure that it cannot be recovered before you give your PC away temporarily for whatever reason, here is how to wipe the free space securely without any third party tool.


In Windows XP, Vista, Windows 7, Windows 8 and Windows 10, there is a console utility called "cipher". It is a command line tool to encrypt files using EFS (Encrypting File System). But it has an extra function. It can overwrite the free space so all data it contains will be erased securely.

To achieve this, cipher runs through 3 passes. The first pass fills the free space with zero data, the second one fills it with 0xFF numbers, and the final pass fills it with random numbers.

This procedure may take a lot of time, depending on how big your disk drive is and how much free space it contains.

To erase free space securely with cipher.exe, do the following.

  1. Open an elevated command prompt instance.
  2. Type the following command:
    cipher /w:C

    Replace "C" with the letter of your drive on which you want to wipe the free space.

Now wait till it finishes its job.

cipher in Windows 10

Note that on SSDs, this causes some extra writes which will in the long term slightly lessen its life span. But your free space will be securely erased, so nobody will be able to recover your sensitive files or know what activities you have done on the PC by recovering the partially deleted data. On hard disk drives, cipher.exe is an excellent way to securely wipe free space.

That's it.

9 thoughts on “Erase free space securely in Windows without third party tools

  1. Thark

    Hmm… possible to specify a folder? or it will taken the whole partition?

    Like or Dislike: Thumb up 0 Thumb down 0

    Reply
    1. Sergey Tkachenko Post author

      It will wipe the whole partition’s free space.

      Like or Dislike: Thumb up 2 Thumb down 0

      Reply
  2. Jack

    thanks again.

    Like or Dislike: Thumb up 0 Thumb down 0

    Reply
  3. Ydobon Erewhom

    Consider you have an SSD, does the deletion of fragments result in more usable space on the SSD ?

    Like or Dislike: Thumb up 0 Thumb down 0

    Reply
    1. Sergey Tkachenko Post author

      No.

      Like or Dislike: Thumb up 0 Thumb down 0

      Reply
  4. Jimmy

    Is this a lengthy process?

    Like or Dislike: Thumb up 0 Thumb down 0

    Reply
    1. Sergey Tkachenko Post author

      Can take more than 30 mins

      Like or Dislike: Thumb up 0 Thumb down 0

      Reply
  5. WndSks

    I would imagine that you could abort it with Ctrl+C after the first pass. The theory is that you can recover the data after one pass on a magnetic spinning disc but I’m not sure if that applies to SSDs and unless you are a spy it probably does not matter, recovery software will fail after one pass…

    Like or Dislike: Thumb up 1 Thumb down 0

    Reply
  6. KARIM

    I have already read something in the past about the command cipher but was not aware that it could lessen the life span of SSD
    Thanks for bringing out this information
    NB : can it be useful and without harm to a SDD which is already “over-provisioned” ?

    Like or Dislike: Thumb up 0 Thumb down 0

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *