When you delete files in Windows, they can be easily recovered. Windows only marks the file as deleted, but physically the files stay on the hard drive until they are overwritten by new data. Although on an SSD, they are harder to recover than hard drives because of TRIM and garbage collection done by the SSD controller, all of the deleted data is not securely wiped by default. If you deleted some sensitive data and want to be sure that it cannot be recovered before you give your PC away temporarily for whatever reason, here is how to wipe the free space securely without any third party tool.
In Windows XP, Vista, Windows 7, Windows 8 and Windows 10, there is a console utility called "cipher". It is a command line tool to encrypt files using EFS (Encrypting File System). But it has an extra function. It can overwrite the free space so all data it contains will be erased securely.
To achieve this, cipher runs through 3 passes. The first pass fills the free space with zero data, the second one fills it with 0xFF numbers, and the final pass fills it with random numbers.
This procedure may take a lot of time, depending on how big your disk drive is and how much free space it contains.
To erase free space securely with cipher.exe, do the following.
- Open an elevated command prompt instance.
- Type the following command:
Replace "C" with the letter of your drive on which you want to wipe the free space.
Now wait till it finishes its job.
Note that on SSDs, this causes some extra writes which will in the long term slightly lessen its life span. But your free space will be securely erased, so nobody will be able to recover your sensitive files or know what activities you have done on the PC by recovering the partially deleted data. On hard disk drives, cipher.exe is an excellent way to securely wipe free space.