Microsoft

Pro tip: Use Windows 8's Format command to perform a secure disk wipe

Greg Shultz explains how the Format command's /P parameter works to securely wipe a disk.

Windows 8 security

A friend recently had an opportunity to acquire quite a large number of 1 GB USB flash drives that he could repurpose for a new project he was undertaking. The one stipulation was that he had to securely wipe each of the flash drives before he could actually take possession of them. He asked me what program I would recommend for securely wiping a disk. He said that he had heard that DBAN and File Shredder were good programs and wondered if I had any experience with them that I could share.

I told him that while I had used File Shredder in the past, I hadn't used DBAN. I also told him that there was an article on TechRepublic, "Five hard disk cleaning and erasing tools," that he should check out. However, I then suggested that since he was running Windows 8.1, he might want to just use the Format command. He looked at me kind of funny and asked me if I was pulling his leg. I explained that one of the behind-the-scenes enhancements in Windows 8 was a tweak to the Format command's /P parameter that gives it the ability to more securely wipe a disk. Once I explained it in more detail and showed him how it worked, he was pleased with his new found knowledge and went to work on the collection of the 1 GB USB flash drives.

In this article, I'll explain how the Format command's /P parameter works to securely wipe a disk.

Note: Using the /P parameter to securely wipe a disk does not meet any of the United States Department of Defense standards for hard disk data removal.

The first /P

When Microsoft launched Windows Vista in 2007 with all of its new fangled user interface features, they found time to enhance the Format command by adding the /P parameter. This new parameter allows you to overwrite every sector on a disk with 0s during the format procedure. The actual syntax of the parameter is:

Format volume /P:passes

As you can see, the /P parameter allows you to specify the number of passes or, in other words, the number of times that you want to overwrite every sector with 0s. By doing so, you decrease the likelihood that anyone would be able to retrieve any sensitive data. Even if you don't specifically use the /P parameter, the Format command will, by default, make one pass of the overwrite operation, unless you use the /Q parameter to perform a quick format.

The Windows 8 enhancement

Even though Windows 8 appeared to be all about the modern UI and the touch-based mode of interaction, Microsoft did indeed make some enhancements to the good old DOS commands. In particular, they enhanced the Format command's /P parameter. The parameter still allows you to specify the number of passes, but now instead of just overwriting the sectors on a disk with 0s, additional passes overwrite sectors with random numbers. Furthermore, the number of passes that you specify is in addition to a single pass of 0s.

So, for example, if you were to use the following command:

Format h: /P:4

With that command, the drive H: would be formatted and every sector on the disk would be overwritten once with 0s. Then, the Format command would overwrite each sector four more times -- each time with a different random number. Keep in mind that each additional pass that you specify will increase the amount of time that it will take the Format command to complete its task. However, as you can imagine, this will really decrease the likelihood that anyone would be able to retrieve any sensitive data.

On another note...

As you may remember, in a previous article ("When will the Windows Start menu return?"), I told you that in his session at Build 2014, Terry Myerson emphasized that the Windows desktop is the primary interface, that Windows Metro/Store apps will run in a resizable window, and that a modified Start Menu (an amalgamation of the Windows 7 Start Menu and the Windows 8 Start Screen) will all be coming to Windows 8.1 users as an update. I then told you that this new Start menu would more than likely not appear until Windows 9 sometime in 2015.

Well, as an update to that information, I suggest that you read the transcript from Tony Prophet's keynote session at the Worldwide Partner Channel conference on July 16th. Prophet, who is the Corporate Vice President, Windows Marketing, stated that "... we are hard at work on the next version of Windows. And while we have nothing to announce today, I will share with you a couple of features we're thinking about." He then talked briefly about the three things that Myerson mentioned. While his comments about the next version of Windows were far from explicit, the fact alone indicates to me that Windows 9 and the return of the Start menu is indeed far into the future.

What's your take?

Will you use the Format command's /P parameter to securely wipe a disk? What do you think about Tony Prophet's comments? Share your opinions in the discussion thread below.

Get the latest information about Microsoft, including some tips and tricks, by automatically subscribing to TechRepublic's Microsoft in the Enterprise newsletter.

About

Greg Shultz is a freelance Technical Writer. Previously, he has worked as Documentation Specialist in the software industry, a Technical Support Specialist in educational industry, and a Technical Journalist in the computer publishing industry.

5 comments
lhegler-admin
lhegler-admin

I have been using DBAN for several years. My organization requires our old hard drives be wiped using the minimum DOD standards.

Free Webapps
Free Webapps

I use seatools wipe tool, wd lifeguard, gdisk/wipe and dban. I pxe boot them all but I always end up using dban 98% of the time. Seatools and lifeguard are used to get fail codes for hard drive warranty purposes.

Gisabun
Gisabun

DBAN is what I'd use. For Lenovo users, you can also use SCRUB 3 [licensed to Lenovo users only]. Both have DoD & DoD "Short" wipings.

j.aussedat
j.aussedat

Sdelete from the sysinternals suite does the same thing,

Gisabun
Gisabun

@j.aussedat  Not quite. SDelete will do it on files and folders. It does not do it for the actual drive.

Editor's Picks