Trading in or selling your old mobile device? Wipe it the right way to reduce the risk of personal data falling into the wrong hands.
Remember that no method apart from physically destroying the device and its storage is 100 percent foolproof — data may still be recoverable with the right tools.
These tips are for the three main mobile operating systems, but if you have an older phone or an alternate OS, check the manual for full details on how to wipe your device.
Before you start:
- Back up all your data, including contacts.
- Remember to remove the SIM card and any external storage such as a microSD card.
- Log out of services like email and social media, then clear the data from these apps if you can.
- Perform a separate encryption and wipe of data on the microSD card as well if you don’t plan to use the card in a new device.
- Keep the serial number of the phone or tablet on file for your records.
If the phone or tablet runs 5.0 Lollipop or later it may have Android device protection or factory reset protection (FRP) active. This feature makes the phone unusable by a new owner if it’s been reset because they can’t activate it without entering a previously used Google account and password.
You’ll need to deactivate FRP if you plan to sell the device or transfer to another owner.
Skip straight to step 4 if you have a device running an earlier version of Android without FRP.
Step 1: First, turn off any screen locks. Go to Settings > Security or Lock Screen Security > Screen Lock and change the type to None.
Step 2: Remove your Google account from the device. Go to Settings > Users and Accounts, tap your account and then remove.
Step 3: If you have a Samsung device, remove your Samsung account from the phone or tablet as well.
Step 4: Now you can wipe the device with a factory reset. However, this, and other information such as SMS and chat messages can be restored with some standard data recovery tools.
Here is aor tablet, which begins with encrypting your device first through the Settings menu.
You won’t need any special tools, just a bit more patience than it takes to simply press the restore option within the settings. Note: devices running Android 6.0 Marshmallow or above may be encrypted by default.
Apple devices that support iOS 5 or later include hardware encryption when you set a passcode. If you perform a wipe using the method below, the encryption key is also overwritten, which makes it very difficult for anyone who wants to recover the data.
Step 1: Before starting the reset process, make sure to unpair devices like the Apple Watch ($429.00 at Apple). Then, turn off Find My iPhone ($699.00 at Apple). For iOS 10.2 or earlier, go to Settings > iCloud > Find My iPhone. Enter your Apple ID password if prompted. For iOS 10.3 or later, go to Settings > Your name > iCloud > Find My iPhone.
Step 2: Turn off and sign out of other services including iMessage and the App Store. Go to Settings > Messages > toggle the iMessage option. For your Apple ID, go to Settings > iTunes & App Store > tap your Apple ID email address and then tap Sign Out.
For added peace of mind you may also want to sign out individually from any other linked services and apps, such as Facebook or Twitter.
Step 3: Sign out of iCloud completely. Head to Settings > iCloud and find Sign Out at the bottom of the page. For iOS 10.3 and later, Settings > Your name > Sign Out. For iOS 7 devices, choose Delete Account.
Note: if you delete all your data manually without signing out of iCloud, it will also delete the content from iCloud as well — which is something you definitely don’t want.
Step 4: Start the wipe process. Go to Settings > General > Reset > Erase All Content and Settings. Confirm the selection.
Step 5: Remove the serial number of the device from your Apple account profile at appleid.apple.com.
Windows Phone only offers encryption for business customers. The easiest way to wipe a Windows Phone 7, 8 or 8.1, or Windows 10 Mobile device is to perform a factory reset and then load dummy data to overwrite traces of the original data.
Step 1: Open up Settings > About > Reset Your Phone.
Step 2: Confirm the action and then wait for the phone to wipe.
Step 3: Connect the phone to a PC and open My Computer. If you are connecting via Mac, download the Windows Phone app. Find the phone, which should show up as a removable device, and open it.
Step 4: Load dummy data onto the phone by dragging and dropping from another folder. Don’t use your personal photos or documents here; instead choose files that contain no identifiable metadata that could be traced back to you, such as video or music files. Try and fill the phone with as much dummy data as possible.
Step 5: Reset the phone again using the same method as in step 1. Repeat the dummy data load a few more times to ensure all your original data is overwritten.
Step 6: Perform a final reset.
Log in to your Microsoft account at account.microsoft.com/devices and find the phone you just wiped. Remove it from your account.
Once the wipe is complete, remember to also revoke access to the phone from services such as Facebook and Google. To remove devices from your Google account, head to myaccount.google.com, click on Sign-in & security > Device activity & notifications and find the model you have wiped.
Not planning to sell?
Consider destroying the device altogether to make it incredibly difficult for anyone to access residual data. David Zimmerman from LC Technology suggests drilling through the device. “Go completely through the phone in several locations, including the charging input, and then drop it off at an electronics recycling receptacle,” he says.
Another method includes putting the device inside a bag and using a sledgehammer to break it into pieces that are no bigger than half an inch. Or for the most extreme case, “use an industrial-strength grinder to turn the phone into dust,” he says.
First published Nov. 26, 2014 at 11:03 a.m. PT.
Update, Dec. 4, 2017 at 5 a.m.: Revises Apple, Android and Windows Phone device removal information.