How to Remove Personal Data Before Selling Any Device

The actual risk

Researchers regularly buy used devices and recover personal data — banking info, photos, passwords — from factory-reset devices that were never properly encrypted. The risk is real, but it's also easy to avoid if you know the right steps for each device type.

Phones: iPhone and Android

iPhone

iPhones encrypt your data by default. Here's the proper sequence:

1. Back up to iCloud or your computer
2. Sign out of iMessage and FaceTime
3. Sign out of Apple ID (Settings → [your name] → Sign Out)
4. Settings → General → Transfer or Reset iPhone → Erase All Content and Settings
5. Confirm the device shows the "Hello / Welcome" setup screen

This cryptographically erases your data — the encryption key is destroyed, making prior data unrecoverable.

Android

Encryption is on by default on Android 6.0+. To wipe:

1. Back up to Google or device-specific tools
2. Remove your Google account (Settings → Accounts → Google → Remove account)
3. Settings → System → Reset → Factory data reset
4. Confirm the device reboots to setup

Important: removing the Google account BEFORE the reset is essential. Otherwise Factory Reset Protection locks the device for the next owner.

Laptops: Mac and Windows

macOS

For Apple Silicon (M1+) or T2-chip Intel Macs, use Erase All Content and Settings (System Settings → General → Transfer or Reset). It works just like an iPhone wipe — destroys encryption keys.

For older Macs: enable FileVault before reset if not already on, then erase via Disk Utility in Recovery Mode and reinstall macOS.

Windows

1. Back up your files
2. Sign out of Microsoft account, OneDrive, and any browser profiles
3. Settings → System → Recovery → Reset this PC → Remove everything → Clean data
4. Confirm Windows boots to the out-of-box experience

For sensitive use cases, also enable BitLocker before resetting (Pro edition only). For Home edition, use Device Encryption if available.

Tablets

iPads and Android tablets follow the same flow as phones. For iPads, also sign out of iCloud and Apple ID.

Gaming consoles

PlayStation 5

Settings → System → System Software → Reset Options → Reset Your Console.

Xbox Series X / S

Profile & system → Settings → System → Console info → Reset console → Reset and remove everything.

Nintendo Switch

System Settings → System → Initialize → Initialize Console. Also deregister it as your primary console at Nintendo's website to free the license for your next Switch.

Verification

For any device, the simplest check: power it on after the reset. It should land on the original first-time setup screen ("Hello", "Welcome", initial account setup). If it boots into your account or a half-wiped state, repeat the reset.

What about old hard drives and SSDs?

If you're selling an older laptop with a non-encrypted hard drive, run a wipe utility (Eraser on Windows, diskutil secureErase on macOS, or DBAN on bootable USB) before reinstalling the OS. For SSDs, the built-in factory reset using TRIM is generally sufficient.

If a drive contained anything truly sensitive (financial records, legal documents, medical data), physical destruction is the only certain answer — drill bit, hammer, or a certified destruction service.