I'm trying to understand secure erasing for SSDs. If I perform a secure erase, is that considered just one pass? If not, how many passes are needed to effectively secure erase an SSD?
2 Answers
SSDs work differently than HDDs when it comes to data storage. Essentially, for SSDs, you can remove the encryption key, which makes the data unrecoverable quite efficiently. With mechanical drives, on the other hand, magnetic residuals can linger, requiring multiple passes to ensure the data is truly gone. So, to answer your question, one secure erase on an SSD is typically enough.
True, but SSDs essentially wipe by zeroing out, which is fast and effective.
For SSDs, make sure to use the NVMe Secure Erase or ATA Secure Erase functions—these commands tell the SSD to discard any encryption keys and zero out all data quickly. One pass is generally sufficient if you trust the firmware. Just be cautious with the regular formatting methods; they might just leave you with scrambled data instead of truly erasing it. Some people still recommend a 30-pass wipe for peace of mind, but it doesn't necessarily guarantee complete data destruction and can reduce the lifespan of your drive. In contrast, mechanical drives usually require a minimum of a three-pass wipe to cover their bases.
If that's the case, why do many forensic specialists claim they can recover data from SSDs?