What is the Pfitzner Method?

Details on the Pfitzner Data Wipe Method

Illustration of a broom cleaning random characters

The Pfitzner method is a software based data sanitization method created by Roy Pfitzner for erasing data from a hard drive or other storage device.

Using the Pfitzner data sanitization method will prevent all software based file recovery methods from finding information on the drive, and is also likely to prevent most hardware based recovery methods from extracting information.

My lists of file shredder applications and data destruction programs include software that use data sanitization methods like Pfitzner to overwrite either some files on a storage device or absolutely everything, including the operating system.

How Does the Pfitzner Method Work?

There are lots of different data wipe methods and each of them go about erasing data just a little bit different than the others. For example, some may use just zeros like Write Zero, zeros and ones like with Secure Erase, or a combination of zeros, ones, and random characters, such as in the VSITR and Schneier methods.

While most software implement the Pfitzner method in the following way, some may modify it and use a smaller number of passes:

  • Pass 1 - 33: Writes a random character

Tip: Random Data and Gutmann work in a very similar way to Pfitzner in that they both utilize only random characters to overwrite the data, with their differences lying only in how many passes are performed.

A "pass" is simply how many times the method is run. So in the case of the Pfitzner method, given that it overwrites data with random characters, it's doing so not once or twice but 33 different times.

In addition to this, most software will let you run the Pfitzner method more than once. So if you were to run this method 50 times (which is definitely an overkill), the software will have overwritten the drive not 33 times, but 1,650 times (33x50)!

Some data destruction applications may also verify the passes after they've completed.

This just means the software checks that the information was actually overwritten with random characters (or whatever characters the method supports). If the verification process fails, the program will most likely notify you or automatically run the method again until it passes verification.

Software That Support the Pfitzner Method

The Pfitzner data sanitization method isn't one of the more popular ones, but there are still programs that include it as an option.

Catalano Secure Delete is one program that can use the Pfitzner method. Like most file shredders and data destruction program, it also supports several other methods like NAVSO P-5239-26, Random Data, AR 380-19, DoD 5220.22-M, and GOST R 50738-95.

Some other similar applications include Securely File Shredder, Freeraser, and Eraser. These programs can delete specific files and folders using a method that's similar but not identical to the Pfitzner. For example, you can choose the Gutmann method in some of these programs to overwrite the data 35 times, but they don't specifically support the Pfitzner method.

CBL Data Shredder and DBAN are two other data destruction programs that can overwrite an entire hard drive (not specific files/folders, but the whole thing) with random characters.

To most closely mimic the Pfitzner method, since neither of these programs directly support it either, you might be able to use a sanitization method like Random Data to wipe the drive as many times as you like.

Should You Use the Pfitzner Method?

Roy Pfitzner, the creator of this data wipe method, has said that data might be able to be retrieved if it's only overwritten 20 times, and that writing random characters more than 30 times should be sufficient. But whether this is accurate is up for debate.

It's been said that the number of passes made with the Gutmann method (which writes random characters 35 times) isn't really necessary because even just a few passes is the best anyone can do.

You can read a little more about that here: What is the Gutmann Method?.