What do I do with a Mac that still has personal data on it? Do I take out the disk drive and smash it? Do I sweep it with a really strong magnet? Is there a difference in how I handle a hard drive (HDD) versus a solid-state drive (SSD)?

Well, taking a sledgehammer or projectile weapon to your old machine is certainly one way to make the data irretrievable, and it can be enormously cathartic as long as you follow appropriate safety and disposal protocols. But there are far less destructive ways to make sure your data is gone for good. Let me introduce you to secure erasing.

Your computer and the external drives you may use store all of your personal data. The computer’s drive will contain all of your emails, contacts, documents, and more—in other words, all of the sensitive data that you wouldn’t want to share with other people. Hackers looking to exploit data that provides access to passwords or your identity are particularly interested in getting their hands on this data. Before you get rid of your old computer, whether that’s tossing it or selling it, it’s best practice to ensure all of that data has been securely erased from your drive so that it can’t be accessed by anyone else.

Which Type of Drive Do You Have?

Before we start, you need to know whether you have a HDD or a SSD. Around 2010, Apple moved to using only SSD storage in its devices, although its desktop computers continue to offer the option of both SSD and HDD storage. Apple also now features devices with Flash SSDs, a hybrid of HDDs and SSDs. If you bought your device before 2010 or you have a desktop computer, there’s a chance you may be using an HDD. For people using older models, you may be looking to erase your drive before you upgrade or change devices.

To find out whether your device has a HDD or SSD, or at least to make sure, click on the Apple menu and select “About this Mac.” Once there, select the “Storage” tab to see which type of drive is in your system.

The first example, below, shows a SATA Disk (HDD) in the system.

In the next case, we see we have a solid state SATA Drive (SSD), plus a Mac SuperDrive.

The third screenshot shows an SSD as well. In this case it’s called “Flash Storage.”

Make Sure You Have a Backup

Before you get started, you’ll want to make sure that any important data on your hard drive has moved somewhere else. macOS’s built-in Time Machine backup software is a good start, especially when paired with Backblaze Computer Backup. You can learn more about using Time Machine in our Mac Backup Guide.

With a local backup copy in hand and secure cloud storage, you know your data is always safe no matter what happens. We call this the 3-2-1 backup strategy—it keeps your data safe while you erase your hard drive without losing any of it when you move to a new device. To learn more about this rule and other ways to keep your data safe, check out our guide on different backup strategies.

Once you’ve verified your data is backed up, roll up your sleeves and get to work. The key is macOS Recovery—a special part of the Mac operating system since OS 10.7 Lion.

How to Wipe a Mac Hard Disk Drive

Since November 2020, Apple debuted its first Macs equipped with M1 chips, notably in the 13-inch MacBook Pro, MacBook Air, Mac mini, iMac, and iPad Pro models. This silicon chip benefits in performance from the previous Intel-based Mac, but it also means that the steps to erasing each drive differ slightly.

To check what kind of chip you have in your Mac, go to your Apple menu and select “About This Mac.” If your computer has an M1 chip, you will see the word “Chip” followed by the name of the chip, as in the image below.

If you have an Intel-based Mac, you will see “Processor,” instead, followed by the name of an Intel processor.

How to Wipe an Intel-based Mac

1. Starting with your Mac turned off, press the power button, then immediately hold down the command and R keys and wait until the Apple logo appears.
2. When the Recovery window appears, select Disk Utility.
3. In the sidebar, choose Macintosh HD.
4. Click the “Erase” button, then select a file system format and enter a name for it. Your options for a file system format include Apple File System (APFS), which is the file system used by macOS 10.13 or later; Mac OS Extended, which is the file system used by macOS 10.12 or earlier.
5. Optionally and if it’s available, select “Security Options” and use the slider to choose how many times to write over the erased data, then click “OK.” (Secure erase options are available only for some types of storage devices. If the “Security Options” button is not available, Disk Utility cannot perform a secure erase on the storage device.
6. Click “Erase,” then click “Done.”

There are four notches to that “Security Options” slider. “Fastest” is quick but insecure—data could potentially be rebuilt using a file recovery app. Moving that slider to the right introduces progressively more secure erasing. Disk Utility’s most secure level erases the information used to access the files on your disk, then writes zeros across the disk surface seven times to help remove any trace of what was there. This setting conforms to the DoD 5220.22-M specification. Bear in mind that the more secure method you select, the longer it will take. The most secure methods can add hours to the process.

How to Wipe a Mac With an M1 Chip

1. Turn on your Mac and continue to press and hold the power button until the startup options window comes up. Click “Options,” then click “Continue.”
2. When the Utilities window appears, select Disk Utility.
3. In the sidebar, choose Macintosh HD.
4. Click the “Erase” button, then select a file system format and enter a name for it. For Macs with an M1 chip, your option for a file system format is only APFS.
5. Click “Erase Volume Group.”

NOTE: If you’re interested in wiping an SSD, see the section below.

Once it’s done, the Mac’s hard drive will be clean as a whistle and ready for its next adventure: a fresh installation of OS Big Sur, being donated to a relative or a local charity, or just sent to an e-waste facility. Of course, you can still drill a hole in your disk or smash it with a sledgehammer if it makes you happy, but now you know how to wipe the data from your old computer with much less ruckus.

The above instructions apply to older Macintoshes with HDDs. What do you do if you have an SSD?

Securely Erasing SSDs, and Why Not To

If your Mac comes equipped with an SSD, Apple’s Disk Utility software won’t actually let you zero the hard drive.

Wait, what?

In a tech note posted to Apple’s own online Knowledge Base, Apple explains that secure erase options are not available in Disk Utility for SSDs.

In fact, some folks will tell you not to zero out the data on an SSD, since it can cause wear and tear on the memory cells that, over time, can affect its reliability. This shouldn’t be nearly as big an issue as it used to be because SSD reliability and longevity has improved.

If “Standard Erase” doesn’t quite make you feel comfortable that your data can’t be recovered, there are a couple of options.

FileVault Keeps Your Data Safe

One way to make sure that your SSD’s data remains secure is to use FileVault (see “All About FileVault: Encryption for Your Mac”). FileVault is whole-disk encryption for the Mac. With FileVault engaged, you need a password to access the information on your hard drive. Without it, that data is encrypted.

There’s one potential downside of FileVault—if you lose your password or the encryption key, you’re screwed: You’re not getting your data back any time soon. Losing a FileVault key happens more frequently than it should.

When you first set up a new Mac, you’re given the option of turning FileVault on. If you don’t do it then, you can turn on FileVault at any time by clicking on your Mac’s System Preferences, clicking on “Security & Privacy,” and clicking on the FileVault tab. Be warned, however, that the initial encryption process can take hours, as will decryption if you ever need to turn FileVault off.

With FileVault turned on, you can restart your Mac into its Recovery System (by restarting the Mac while holding down the command and R keys) and erase the hard drive using Disk Utility, once you’ve unlocked it (by selecting the disk, clicking the File menu, and clicking “Unlock”). That deletes the FileVault key, which means any data on the drive is useless.

Nowadays, most Macs manage disk encryption through the T2 chip and its Secure Enclave which is entirely sandboxed from the main computer itself. This is why Filevault has no CPU overhead—it’s all handled by the T2 chip. Although FileVault doesn’t impact the performance of most modern Macs, I’d suggest only using it if your Mac has an SSD, not a conventional HDD.

Securely Erasing Free Space on Your SSD

If you don’t want to take Apple’s word for it, if you’re not using FileVault, or if you just want to, there is a way to securely erase free space on your SSD. It’s a little more involved but it works.

Before we get into the nitty-gritty, let me state for the record that this really isn’t necessary to do, which is why Apple’s made it so hard to do. But if you’re set on it, you’ll need to use Apple’s Terminal app. Terminal provides you with command line interface access to the OS X operating system. Terminal lives in the Utilities folder, but you can access Terminal from the Mac’s Recovery System, as well. Once your Mac has booted into the Recovery partition, click the Utilities menu and select Terminal to launch it.

From a Terminal command line, type:

diskutil secureErase freespace VALUE /Volumes/DRIVE

That tells your Mac to securely erase the free space on your SSD. You’ll need to change VALUE to a number between 0 and 4. 0 is a single-pass run of zeroes, 1 is a single-pass run of random numbers, 2 is a 7-pass erase, 3 is a 35-pass erase, and 4 is a 3-pass erase. DRIVE should be changed to the name of your hard drive. To run a 7-pass erase of your SSD drive in “JohnB-Macbook,” you would enter the following:

diskutil secureErase freespace 2 /Volumes/JohnB-Macbook

And remember, if you used a space in the name of your Mac’s hard drive, you need to insert a leading backslash before the space. For example, to run a 35-pass erase on a hard drive called “Macintosh HD” you enter the following:

diskutil secureErase freespace 3 /Volumes/Macintosh\ HD

Something to remember is that the more extensive the erase procedure, the longer it will take.

When Erasing Is Not Enough—How to Destroy a Drive

If you absolutely, positively, need to be sure that all the data on a drive is irretrievable, see this Scientific American article (with contributions by Gleb Budman, Backblaze CEO), “How to Destroy a Hard Drive—Permanently.”

Since you’re interested in SSDs, you might enjoy reading other posts in our SSD 101 series. And if you’d like to learn how to securely erase a Windows PC HDD or SSD, take a look at our guide here.