I traded in a Mac to Apple last fall and I reformatted it and installed a brand new OS (mainly for my own comfort – I figured a new OS would overwrite enough stuff to make recovery of anything personal moot), but mainly all you need to do is remove your password since it’s encrypted. Seemed to work just fine.
(Going to the horse’s mouth, rather than Howard Oakley…) If your Mac is running macOS 12 Monterey, there’s a new Erase All Content and Settings command available from the File menu in System Preferences.
Boot into Recovery mode and perform an erase/reinstall of macOS
In both cases, everything not from Apple will be erased. I wouldn’t worry about your documents being recoverable after this. Macs use TRIM on the internal SSDs, so all of the deleted content will be marked garbage for later collection, making it inaccessible by software.
You could also choose to have Disk Utility write zeros over the entire SSD before you reinstall macOS. This will take a long time, but it will definitely make all the old data inaccessible by software, in case you don’t trust TRIM.
If you’re worried about someone removing the SSD before garbage collection takes place (to try and bypass the SSD controller and access the garbage data with your deleted files), the easiest way around this is to leave the computer powered on and idle for a few days afterward. Boot it into Recovery mode and let it sit that way. The SSD will collect its garbage during its idle time (which will be all the time) and all will be well. You won’t have any way of knowing when the garbage collection completes, but unless you want to physically remove and destroy the SSD, that’s about the best you can do.
I assume your old iMac is too old to have a T2 chip (I think only the 2017 iMac Pro and 2020 iMac use it), but if you have a T2, then you don’t have to worry about garbage collection. The T2’s encryption will effectively block any attempt to bypass the SSD controller (which is the T2 chip).
This IMHO is the way to go. Choose a DOE-compliant erase (or if you have lots of time, DOD). It will take a while (IIRC about 8 hrs for a 2TB SATA over USB-C), but you can let it run overnight. That way you get direct feedback that the operation took place and has completed. Little effort for good peace of mind.
Full disclosure, many-cycle random writes and zero writes are not recommended for frequent use on SSDs because they of course eat up the finite no. of r/w cycles every SSD has, but since you are disposing of this Mac, that’s of no concern to you.
But that won’t guarantee garbage collection for your deleted files either. It will just take longer and make those who don’t understand SSDs feel like they did something important.
Since you have absolutely no knowledge about what the SSD’s internal garbage collection algorithms are, you don’t know if all this overwriting will force your deleted files’ blocks to be flash-erased or if they will still be lurking somewhere.
In terms of what you can know for certain, it’s really no different than a single-pass write of zeros or just deleting all the files with TRIM running. Your old files will be inaccessible via software, but someone willing and able to bypass the SSD controller might still be able to recover something.
Single-pass write zeros is fine. But I would caution against just relying on TRIM. Depending on what make/model of SSD is being used, TRIM might not be available or it might not be running the way you’d expect. Apple’s TRIM documentation has been very limited, to put it mildly.
That’s true. I’ve been assuming that the original Apple-provided SSD is installed, in which case, TRIM should work as expected. Those are the only SSDs where Apple claims it is supported.
If it was replaced with an aftermarket SSD, then TRIM may or may not be enabled. Most of the time, you must use the trimforce command to enable it. If you just turned it on, then you should do a repair with Disk Utility, which will TRIM all free space at the end of its processing. But if the SSD didn’t implement TRIM properly (or at all), then the data might still be recoverable.
And a recommendation for a one-pass-write-zeros erase is also necessary if there is a hard drive involved - either as a secondary drive or as a Fusion drive. So it’s a good recommendation if you’re not completely sure about what storage devices are present.
Use the System Information utility (option-click the Apple menu for a quick way to get there) and look at the category for the storage device. For my 2018 Mac mini, it’s the “NVMExpress” category, but yours may be in a different category (maybe “SATA”).
TRIM support should be indicated there. For example, on my system, I see:
If you have a genuine Apple SSD (as indicated by the device’s model name), then TRIM should be on and working. If you have an aftermarket SSD and TRIM is not enabled (which is the case for most aftermarket SSDs), then you can force macOS to use TRIM using the trimforce command.
After enabling TRIM (via trimforce), newly-deleted files will be TRIMmed, but files deleted before enabling it will not, so if you want to rely on TRIM, be sure it is enabled before you erase your data.
In older versions of macOS, Disk Utility would display a message indicating that it has TRIMmed all free space at the end of a repair, so you could perform a repair to make sure all deleted files have been TRIMmed. But in Big Sur, I no longer see this message, so I don’t know if it is still doing that or not.
In general, if you don’t have a genuine Apple SSD, it’s probably safest to assume that TRIM is not enabled and you should wipe the drive with all-zeros before reinstalling macOS.
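The System Information check described in the post above, as an added example that is not part of the original thread: a shell function that reads `system_profiler` text output and applies the post's rule (genuine Apple SSD with TRIM reported on: erase and reinstall; anything else: write zeros first). The device names in the embedded sample are constructed, and the block layout (a header line ending in a colon, then `Model:` and `TRIM Support:` fields) is an assumption.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed layout: each device block starts
# at a header line ending in ":" and has "Model:" and "TRIM Support:" fields.
trim_report() {
    awk '
    function value(line) {
        sub(/^[^:]*:[ \t]*/, "", line); sub(/[ \t]+$/, "", line)
        return line
    }
    function flush() {
        if (model != "") {
            apple = (toupper(model) ~ /^APPLE SSD/)
            advice = (apple && trim == "Yes") ? "erase-reinstall" : "zero-wipe"
            printf "%s|%s|%s\n", model, (trim == "" ? "n/a" : trim), advice
        }
        model = ""; trim = ""
    }
    /^[ \t]*[^:]+:[ \t]*$/ { flush(); next }   # section or device header
    /^[ \t]*Model:/        { model = value($0) }
    /^[ \t]*TRIM Support:/ { trim = value($0) }
    END { flush() }
    '
}

# Constructed sample input (device names are made up).
sample_output() {
    cat <<'EOF'
NVMExpress:
    Apple SSD Controller:
        APPLE SSD EXAMPLE256:
          Capacity: 251 GB
          TRIM Support: Yes
          Model: APPLE SSD EXAMPLE256
SATA/SATA Express:
        EXAMPLE SSD 1TB:
          Model: EXAMPLE SSD 1TB
          Medium Type: Solid State
          TRIM Support: No
        EXAMPLE HDD 2TB:
          Model: EXAMPLE HDD 2TB
EOF
}

if [ "$(uname -s)" = "Darwin" ]; then
    system_profiler SPNVMeDataType SPSerialATADataType | trim_report
else
    sample_output | trim_report
fi
```

Each output line is `model|TRIM status|advice`; a device with no `TRIM Support:` line, such as a hard drive, is reported as `n/a` and gets the zero-wipe advice.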
I’m on Mojave with FileVault enabled, and while I’m not planning on erasing the drive anytime soon, I just want to make sure I understand correctly that performing a basic erase is enough to delete the key? After which reinstall the OS for added coverage.
Yes, if you have FileVault 2, you will essentially securely erase your drive as soon as you format it. Boot from another volume (external clone, Recovery or Internet Recovery, etc.) and choose to format the drive as APFS unencrypted. No password will be set. The drive will still contain the bits that were set there before, but since they had been encrypted with FileVault 2, you’d need that FileVault key to encrypt them. Without that key, anything left on that drive is gibberish.
Thank you Simon - that answers my question. I purchased the machine in Sept. 2019, and I don’t believe I turned on FileVault until sometime either later that year or possibly not until the following year, but I don’t think during that time I had anything vital stored on it. I have since stored a few passwords in my browsers (none for banking) which could always be deleted (assuming I remember first!) and have never stored any credit card info either. So I may have a small risk for whatever may not have been encrypted, but as I stated, I do not plan to sell anytime soon.