You are on page 1of 3

The Pfitzner method is a software based data sanitization method created by Roy Pfitzner for erasing

data from a hard drive or other storage device.

Using the Pfitzner data sanitization method will prevent all software based file recovery methods
from finding information on the drive, and is also likely to prevent most hardware based recovery
methods from extracting information.

Our lists of file shredder applications and data destruction programs include software that use data
sanitization methods like Pfitzner to overwrite either some files on a storage device or absolutely
everything, including the entire operating system.

How Does the Pfitzner Method Work?

There are lots of different data wipe methods and each of them go about erasing data just a little bit
different than the others. For example, some might use just zeros like Write Zero, zeros and ones like
with Secure Erase, or a combination of zeros, ones, and random characters, such as in the VSITR and
Schneier methods.

While most software implement the Pfitzner method in the following way, some may modify it and
use a smaller number of passes (seven is common):

Pass 1 - 33: Writes a random character

It's sometimes written as Pfitzner 33-pass, Pfitzner 7-pass, random(x33) or random(x7).

Tip: Random Data and Gutmann work in a very similar way to Pfitzner in that they both utilize only
random characters to overwrite the data, with their differences lying only in how many passes are
performed.

A "pass" is simply how many times the method is run. So in the case of the Pfitzner method, given
that it overwrites data with random characters, it's doing so not once or twice but 33 different times.
In addition to this, most software will let you run the Pfitzner method more than once. So if you were
to run this method 50 times (which is definitely an overkill), the software will have overwritten the
drive not 33 times, but 1,650 times (33x50)!

Some data destruction applications may also verify the passes after they've completed.

This just means the software checks that the information was actually overwritten with random
characters (or whatever characters the method supports). If the verification process fails, the
program will most likely notify you or automatically run the method again until it passes verification.

Software That Support the Pfitzner Method

The Pfitzner data sanitization method isn't one of the more popular ones, but there are still programs
that include it as an option.

Catalano Secure Delete is one program that can use the Pfitzner method. Like most file shredders
and data destruction program, it also supports several other methods like NAVSO P-5239-26,
Random Data, AR 380-19, DoD 5220.22-M, and GOST R 50738-95.

Some other similar applications include Securely File Shredder, Freeraser and Eraser. These programs
can delete specific files and folders using a method that's similar but not identical to the Pfitzner. For
example, you can choose the Gutmann method in some of these programs to overwrite the data 35
times, but they don't specifically support the Pfitzner method.

If you're on a Mac, SecureRemove supports 33-pass Pfitzner as well as a number of other methods
like 4-pass RAZER, DoD 5220.22-M (E) and GOST R 50739-95.

CBL Data Shredder and DBAN are two other data destruction programs that can overwrite an entire
hard drive (not specific files/folders, but the whole thing) with random characters. To most closely
mimic the Pfitzner method, since neither of these programs directly support it either, you might be
able to use a sanitization method like Random Data to wipe the drive as many times as you like.

BitRaser isn't free but is similar to CBL Data Shredder and DBAN and actually does support Pfitzner,
specifically.
Scrub is an example of a program that can do both: scrub individual files as well as whole hard drives,
depending on how you choose to use it.

Should You Use the Pfitzner Method?

Roy Pfitzner, the creator of this data wipe method, has said that data might be able to be retrieved if
it's only overwritten 20 times, and that writing random characters more than 30 times should be
sufficient. However, whether this is accurate is up for debate.

It's been said that the number of passes made with the Gutmann method (which writes random
characters 35 times) isn't really necessary because even just a few passes is the best anyone can do.
You can read a little more about that here: