How to securely wipe a Windows PC
Secure PC disposal is a big deal. Companies want to ensure no data escapes from their corporate laptops. Even if you’re just using a PC at home, you want to make sure your sensitive files — financial documents, private photos, and whatever else — aren’t recoverable by whomever might next have the system in their hands.
Back in the Windows 7 days — and before — wiping a PC before disposing of it was complex. You had to hunt down specialized tools for erasing a PC’s drive, and then you needed Windows installation media to get the computer into a like-new-from-the-factory state. None of this is necessary anymore; everything you need is built directly into Windows and available in a few clicks, once you know where to look.
But, to be as secure as can be, you really have to go out of your way to find and activate all the right settings.
Want more PC advice? My free Windows Intelligence newsletter delivers the best Windows tips straight to your inbox. Plus, you’ll get free Windows Field Guides as a special welcome bonus!
Securely wiping Windows: First considerations
When you (or your organization) are done with a PC, you have several options for the device’s future. You can recycle or sell it, ensuring it’s useful to someone else in the future. There are obvious environmental benefits here — and financial benefits, too, if you can sell the PC or donate it for a tax deduction. But there are risks, too.
Organizations that demand high data security often destroy computers or their storage devices, taking them out of commission. If an organization has a PC holding “the nuclear launch codes,” it’s clearly a better idea to destroy it than repurpose it. That’s an extreme example, but it proves the point: If the CEO of a large company has a PC with sensitive trade secrets on it, that organization will almost certainly want to physically destroy the computer rather than risk the data somehow being recoverable and falling into the wrong hands.
Still, for most people and organizations, repurposing a PC and keeping it in good working health — whether for someone else in the office or someone else you’re passing it along to — is the best move.
How to wipe a PC’s storage and restore a fresh copy of Windows
When you’re getting rid of a PC, you want to be sure of two things: First, you want to ensure all your personal files are deleted in a way that can’t be recovered. Second, you want to be sure the machine has a shiny new copy of Windows installed so it’s immediately usable.
Thankfully, on both Windows 11 and Windows 10, this is easy. (PC geeks used to have to first hunt down utilities like DBAN (Darik’s Boot and Nuke) for wiping a computer’s hard drive and then reinstall Windows from installation media.)
First you’ll want to back up any important files before continuing. This process will erase everything on your PC.
- On Windows 11, open the Settings app, select “System,” select “Recovery,” and then click the “Reset PC” button under Recovery options.
- On Windows 10, open the Settings app, select “Update & security,” select “Recovery,” and then click the “Get started” button under Reset this PC.
Chris Hoffman, IDG
To ensure Windows removes your files, click “Remove everything.”
Chris Hoffman, IDG
Windows will ask whether you want to reinstall its files by downloading them or by using the files currently on your PC. Either works — but if you want to save some download bandwidth, choose “Local reinstall.”
Chris Hoffman, IDG
On the Additional setting screen, be sure to click “Change settings.”
Chris Hoffman, IDG
Next, activate the “Clean data?” option. This will make Windows wipe the drive, ensuring the files can’t be recovered.
If your PC has multiple data drives, you will see a “Delete files from all drives?” option. You’ll want to activate that to wipe everything.
Chris Hoffman, IDG
Then continue with the process. Windows will “factory reset” itself, installing a fresh copy of the Windows operating system and cleaning your personal data files from the drive.
Companies can remotely wipe and lock PCs managed through tools like Active Directory and Mobile Device Management (MDM) solutions. If you’re using a Windows PC managed by an organization, you might not be able to rely on these reset options on the PC itself.
How to wipe a PC that won’t boot
If Windows won’t start up normally, you might be able to boot into the recovery menu. Here, you’ll find the Reset PC tool available as a troubleshooting option.
If that doesn’t work, you can download Windows 11 or Windows 10 from Microsoft. Microsoft’s easy-to-use download tool will turn a USB drive into Windows installation media. You can then reinstall Windows and get everything back into working order.
If neither of those tips works, your PC likely has a hardware problem. You might need to remove its storage device to securely dispose of it. However, if that storage was encrypted — as I outline below — there might not be much of a risk of someone accessing its data.
How to physically destroy PCs or data drives
Note that Windows says the “Clean data” option “will make it harder to recover files.” Microsoft is really hedging its bets here, refusing to guarantee that this option will make files impossible to recover.
Why is that? Well, the underlying hardware is a factor. A traditional mechanical hard drive uses spinning magnetic platters. Even if a magnetic hard drive is overwritten, an incredibly sophisticated adversary — think a nation state — might have a way to recover some of the data on that drive.
Even with a modern solid-state drive, it’s not 100% clear every last byte of data will be obliterated. It should be. But solid-state drives run their own firmware, which manages where the data is stored. Windows tells the SSD to wipe the data. but Windows can’t guarantee the SSD completely erased all traces of the data; there may be some out there with bugs that preserve some of the data, again allowing a sophisticated adversary to recover it.
This is all an example of why organizations might choose to physically destroy storage devices — just to be safe.
Is this a concern for the average user? Definitely not. But I expect government agencies dealing with highly sensitive data will be physically destroying drives out of an abundance of caution
Possible methods include incineration, crushing, or shredding. The key is physically destroying the drive’s hardware — you’re not relying on software; you’re destroying the hardware!
How disk encryption helps secure your data
Overall, a PC falling into the wrong hands — even before you wipe the its storage — is less risky than it used to be, thanks to disk encryption tools like BitLocker and Device Encryption becoming more widespread. Prior to these technologies, anyone with physical access could pop open a laptop or desktop PC and access the files on it. Now, the attacker would have to find a way to crack the encryption — otherwise the files will appear totally scrambled.
That’s why a modern PC becoming misplaced or stolen is less of a risk than it used to be. People won’t be able to access its contents if the storage is encrypted.
Likewise, this means it’s less essential to fully wipe or destroy a drive than it used to be. Even if someone gets their hands on a disk that contains sensitive data, it’s less at risk if it’s encrypted.
Still, there are no guarantees. If you’re protecting national security secrets, you’ll want to ensure something is totally destroyed for maximum security. And even if you aren’t, it’s a good idea to use the “Clean data” option to securely wipe any Windows PC’s disks.
Get even more Windows insights, tips, and tricks with my Windows Intelligence newsletter — three things to try every Friday. Plus, get free copies of Paul Thurrott’s Windows 11 and Windows 10 Field Guides (a $10 value) just for signing up.