How to Securely Delete Files on Your Mac

Apple removed the “Secure Empty Trash” command from macOS in 2015 (with El Capitan). A lot of guides still tell you to use it, which is impossible — it’s gone — and they explain why with hand-waving. The actual reason matters, because it changes what “securely delete” means on a modern Mac.

Here’s what’s really happening when you delete a file, what threats secure deletion protects against, and what to do for true erasure on macOS Sonoma 14 and Sequoia 15.

Why Apple removed Secure Empty Trash

Secure Empty Trash worked by overwriting the file’s disk blocks with random data multiple times before marking them free. This was effective on traditional spinning hard drives — the file’s bits were physically overwritten and unrecoverable.

On SSDs, it doesn’t work that way. SSDs use wear levelling: when you write to a “block,” the SSD controller writes to a different physical location and remaps the address. Trying to overwrite a specific block doesn’t actually overwrite the physical NAND cells holding the original data. Those cells get marked free and may be erased later by the controller’s garbage collector — eventually, but not immediately, and not predictably.

Result: Secure Empty Trash on an SSD provided false reassurance. Apple removed it rather than mislead users.

What actually happens when you delete a file

On a modern Apple Silicon (or recent Intel) Mac with an SSD:

1. You move the file to Trash
2. macOS marks the file’s metadata to point to Trash
3. You empty Trash
4. macOS marks the file’s blocks as free and issues a TRIM command to the SSD
5. The SSD’s controller eventually erases those NAND cells in its background garbage collection
6. The blocks are now genuinely empty — but step 5 happens on the controller’s schedule, not yours

The TRIM command is the key. It tells the SSD “these blocks are no longer in use; you can erase them when convenient.” Modern SSDs do this fairly aggressively, but there’s no precise guarantee of when.

FileVault changes everything

If FileVault is on (and it should be), the picture changes radically. Every byte on your disk is encrypted with a key derived from your password (and the secure enclave on Apple Silicon). When you delete a file:

• The file’s disk blocks are still encrypted
• Even if those blocks were physically recoverable, they’d be encrypted gibberish without the FileVault key
• “Secure deletion” in the traditional sense is unnecessary — the encryption already provides confidentiality

For most threat models, FileVault on + standard delete = sufficient secure deletion.

To verify FileVault is on: System Settings → Privacy & Security → FileVault. Should say “FileVault is turned on.”

If it’s not on, turn it on. It’s the single best privacy and security setting on your Mac. Encryption is transparent — you won’t notice it. Performance impact is essentially zero on Apple Silicon Macs.

Threat models worth thinking about

“Secure deletion” only matters in specific threats. Here are common ones:

Threat: Selling or giving away the Mac. You want to make sure the next owner can’t recover any files. Solution: Erase All Content and Settings (System Settings → General → Transfer or Reset). This invalidates the FileVault keys, making all the disk’s encrypted contents permanent gibberish, then wipes and reinitialises. Faster than overwriting and equally secure on FileVault-enabled Macs.

Threat: A specific sensitive file that you want gone now. Tax documents, financial records, anything personally sensitive. Solution: with FileVault on, a normal delete + empty Trash is fine. The file is encrypted and the metadata is gone.

Threat: A nation-state adversary with disk forensics tools. Honestly, this is beyond the scope of normal “secure delete.” If you’re in this threat model, you need full-disk encryption (already have it via FileVault) plus operational practices around what you write to disk in the first place.

Threat: Malware on the Mac. Secure deletion doesn’t help with this — malware can read files before you delete them. Different problem, different solution.

What about HDDs?

If you’re on an old Intel Mac with a traditional spinning HDD (rare in 2026, but they exist), secure deletion is more meaningful. Overwriting the file’s blocks does physically replace the magnetic state.

For HDDs, you can use Terminal:

shred -u -z -n 3 /path/to/file

(shred may need to be installed via Homebrew.) Three passes is usually overkill, even on HDDs.

If you’re on an HDD, FileVault is even more important — software-level secure deletion is unreliable across different filesystems and tools, but encryption ensures plaintext never reaches an attacker.

The Erase All Content and Settings option

For wiping a Mac entirely (selling, gifting, recycling), use Apple’s built-in tool:

1. System Settings → General → Transfer or Reset
2. Erase All Content and Settings
3. Authenticate
4. Confirm

This is the modern equivalent of “Erase and reinstall macOS.” It:

• Invalidates FileVault keys
• Removes Activation Lock association with your Apple ID
• Wipes user data
• Resets settings to factory defaults
• Reinstalls macOS

After this, the Mac genuinely is unrecoverable. Sell or give it away with confidence.

Skip the manual huntSweep finds every cache, log, and forgotten file in seconds — only removes what you OK. Download Sweep free →

What about external drives?

If you have an external SSD or HDD with sensitive data, the same principles apply:

• For an SSD with hardware encryption (most modern external SSDs): erasing the encryption key via Disk Utility’s “Security Options” effectively destroys all data instantly.
• For an SSD without encryption: standard erase + a single overwrite pass is fine for typical threat models.
• For an HDD: multiple-pass overwrite is meaningful. Disk Utility offers this.

To erase a drive with security options:

1. Open Disk Utility (Applications → Utilities → Disk Utility)
2. Select the external drive in the sidebar
3. Click Erase
4. Click Security Options
5. Pick a level (Quick is fine for SSDs; multi-pass for HDDs if you’re worried)

File-level “shredding” tools on macOS

A few apps offer right-click “Securely delete” options. On modern SSDs, these are mostly placebo for the reasons above — wear levelling makes overwriting unreliable.

If you want defence in depth on an SSD, the realistic approach is:

1. Have FileVault on (the encryption protection)
2. Empty Trash promptly (so blocks get marked free and TRIM’d)
3. Don’t accumulate sensitive files you don’t need (the best secure deletion is never having the file)

Tools that offer “secure delete” on SSDs aren’t doing harm, but they aren’t providing meaningful additional security beyond what FileVault already gives you.

The leftover-file problem

A more practical concern: even after you delete a file, copies of its contents may exist elsewhere:

• Spotlight index entries (mostly metadata, but some content excerpts)
• Quick Look thumbnails in ~/Library/QuickLook/
• Recent files lists in apps that opened the file
• Time Machine backups (if you have them)
• iCloud Drive trash (separate from local trash)
• Quarantine attributes for downloads
• App caches that may have copied or read the file
• Browser download history if it was downloaded

If you really want a file’s contents gone, you may need to clear caches and quick-look thumbnails too.

To clear Quick Look thumbnails:

qlmanage -r cache

To clear app caches: covered in detail in our cache cleanup guides.

For Time Machine: the file remains in past backups until you exclude it and old backups age out.

Empty Trash cleanly

Default behaviour: macOS keeps Trash items indefinitely. Recovering them is trivial — open Trash, drag back. The threat from Trash itself is just that someone with access to your Mac can see and recover what you “deleted.”

To empty: Finder → Empty Trash (or right-click Trash icon → Empty Trash). With FileVault on, that’s effectively secure for typical threats.

You can also enable auto-empty: Finder → Settings → Advanced → “Remove items from the Trash after 30 days.” Items older than 30 days vanish on their own.

Audit your permissions in one screenSweep shows every app’s camera, mic, file, and location permissions on one page. Revoke in one click. Get Sweep free →

What this means in practice

For most Mac users in 2026, the answer to “how do I securely delete files” is:

1. Make sure FileVault is on (System Settings → Privacy & Security → FileVault)
2. Move the file to Trash, then empty Trash
3. That’s it for sensitive personal files

For wiping a Mac entirely (selling, gifting): Erase All Content and Settings.

For external drives: Disk Utility → Erase with appropriate Security Options.

The era of multi-pass overwrites being meaningful on consumer Macs ended when SSDs became universal. The new model is “encryption at rest plus standard delete,” and it works.

Sweep doesn’t claim to securely shred files — that’s not what we do. What we do is help you find and remove the leftover caches, thumbnails, log files, and forgotten downloads that might still hold copies of sensitive content. Combined with FileVault and Apple’s built-in tools, that’s a sensible privacy hygiene practice. Just don’t expect any third-party tool to do “magic secure deletion” on a modern SSD that the OS isn’t already doing.