Somacon.com: Articles on web development, software, and hardware
§ Home > Index > Freeware

Using Cipher to Erase Disk Unused or Free Space

Windows XP comes with the Cipher utility that allows you to clear all the unused disk space on a disk drive. This is useful when you want to sell an old drive, to make sure none of the deleted files can be restored. Many companies sell software that performs this function, but Windows includes this ability for free. This article describes how to use it.

Cipher is included in Windows 2000, 2003, and XP. On Windows 2000, you will need to get the latest version from the Microsoft cipher download page. For complete documentation, refer to the Cipher Documentation.

The /W options performs the function, and is described below:

/W        Removes data from available unused disk space on the entire
          volume. If this option is chosen, all other options are ignored.
          The directory specified can be anywhere in a local volume. If it
          is a mount point or points to a directory in another volume, the
          data on that volume will be removed.

Directions

Deleting a file does not erase the actual data of the file. Until that space is overwritten by a new file or data (randomly), it can be restored easily using special, easily-obtainable software. Therefore, after deleting files, you need to run such a program to ensure that the data of those files is also gone.

For example, you would want to run this command when you sell the drive or otherwise physically dispose of the drive. You might also want to use it if you deleted some sensitive data, and there was a risk that someone may gain physical access to the drive (such as with a laptop).

To cancel the operation, press Ctrl+C. All the commands are case-insensitive.

How it works

Cipher creates a temporary folder called EFSTMPWP on the volume. Then, it creates one or more temporary files in that folder, and writes data to those files. First it writes zeros, then it writes ones, and finally, it writes random numbers. After running this to completion, one can be certain any previously deleted data can not be recovered off the disk. If you cancel the operation, you may need to delete the temporary folder manually.

Cipher works almost identically to the Erase Disk Free Space Script that I created. That script creates temporary files and writes zeros to them until the disk is full. That script will run three times faster than cipher, which does three write-passes instead of one. One write-pass writing zeros is probably sufficient for most needs, so you can use that script if you want something faster. Editing the script will also give you more control over the process.

Neither my script nor cipher can remove data from unavailable unused disk space. For the average user, this is almost certainly unnecessary though.

Since cipher is writing data to the entire unused space on the drive, and write operations on drives tend to be slow, it will takes a very long time to run. On a tiny, 256MB flash disk, it took approximately five minutes to run. A 100GB hard disk will have a faster write speed, but it still might take three hours to run, so you may want to run it overnight. See the sample output below:

Sample Cipher Output

C:\Documents and Settings\JohnDoe>cipher /w:f:\
To remove as much data as possible, please close all other applications while
running CIPHER /W.
Writing 0x00
................................................................................
...................
Writing 0xFF
................................................................................
...................
Writing Random Numbers
................................................................................
...................

C:\Documents and Settings\JohnDoe>

Links


Created 2006-04-18, Last Modified 2011-07-24, © Shailesh N. Humbad
Disclaimer: This content is provided as-is. The information may be incorrect.