NVMe Secure Erase: How to Sanitize an NVMe SSD (2026 Guide)

In 2023, researchers at a European data recovery firm purchased 100 used NVMe SSDs from online marketplaces and recyclers. Over 40% contained recoverable personal files, financial records, and corporate data — despite sellers claiming the drives had been "wiped." The problem: most sellers had used standard formatting or overwriting tools designed for hard drives, neither of which can reliably erase an NVMe SSD. NVMe drives require firmware-level sanitization commands that most users have never heard of.

Key Takeaways:

NVMe SSDs require NVMe-specific commands for secure erasure — ATA Secure Erase does not work on NVMe drives

NVMe Sanitize with Block Erase is the most thorough option, resetting all NAND cells including over-provisioned areas

NVMe Format is a namespace-level operation and may not reach all physical storage on the drive

Linux nvme-cli provides direct access to all NVMe sanitization commands and is the most flexible method

Crypto Erase is the fastest option (under one second) but only works on self-encrypting drives with hardware encryption enabled

NVMe Erasure Commands: What They Are and How They Differ

NVMe drives operate on an entirely different protocol than SATA drives, and they have their own set of erasure commands defined in the NVMe specification. If you have used ATA Secure Erase on a SATA SSD before, you need to understand that none of those commands apply to NVMe. The two most relevant NVMe erasure commands are NVMe Sanitize and NVMe Format, and they are not interchangeable.

NVMe Sanitize

The Sanitize command is the most thorough erasure operation available for NVMe drives. It operates on the entire drive — every namespace, every block of NAND flash, including over-provisioned space, unmapped blocks, and controller-managed areas. This is why NIST 800-88 Rev. 2 classifies NVMe Sanitize as a Purge-level operation.

NVMe Sanitize supports three sanitize actions:

Sanitize Action	`sanact` Value	What It Does	Speed
Block Erase	2	Resets all NAND flash cells to their erased state	1-5 minutes
Crypto Erase	4	Destroys the media encryption key on self-encrypting drives	Under 1 second
Overwrite	3	Writes a data pattern across all blocks	Hours (not recommended for SSDs)

Block Erase (sanact=2) is the recommended choice for most users. It physically resets every NAND cell on the drive, including areas hidden from the operating system. After a Block Erase, the drive is in a state equivalent to a factory-fresh condition.

Crypto Erase (sanact=4) is available on self-encrypting drives (SEDs) that support TCG Opal, IEEE 1667, or NVMe's built-in encryption. It destroys the media encryption key (MEK), rendering all data permanently unreadable — even if the raw flash chips are removed and read directly. Many modern NVMe drives encrypt data by default, making Crypto Erase viable on more drives than you might expect.

Overwrite (sanact=3) writes a fixed data pattern across all storage areas. It is much slower and imposes unnecessary P/E cycle wear on NAND cells. Block Erase or Crypto Erase are preferable for SSDs in virtually all cases.

NVMe Format

The NVMe Format command reformats one or all namespaces on an NVMe drive. Its behavior with respect to data erasure depends on the Secure Erase Settings (SES) field:

ses=0 — No secure erase. Reformats metadata only. Data remains on NAND.
ses=1 — User Data Erase. Erases user-visible data within the namespace.
ses=2 — Cryptographic Erase. Destroys the encryption key for the namespace.

The critical limitation of NVMe Format is scope. It operates on namespaces, not on the entire physical drive. Over-provisioned space, controller-managed areas, and blocks not assigned to the formatted namespace may retain data. Whether ses=1 reaches these areas depends entirely on the drive manufacturer's implementation — and most do not document this clearly.

Why ATA Secure Erase Does Not Work on NVMe

ATA Secure Erase belongs to the ATA Command Set used by SATA drives. NVMe drives communicate over PCIe using a completely different protocol. Tools like hdparm that issue ATA Secure Erase will not even detect NVMe drives. If your SSD connects via M.2 using the NVMe protocol (verify with nvme list), you must use NVMe-specific commands.

For SATA SSD erasure methods, see our complete SSD secure erase guide.

How to NVMe Sanitize with nvme-cli (Linux)

The nvme-cli utility is the most direct and reliable way to issue NVMe Sanitize commands. It gives you full control over every parameter and provides verification through the sanitize log. You need a Linux environment — either an installed system, a live USB, or a bootable tool that includes nvme-cli.

Step 1: Boot into Linux

If the NVMe drive you want to erase is your system drive, you cannot erase it while booted from it. Boot from a Linux live USB instead — Ubuntu Desktop or any major distribution's live ISO works. Write the ISO to a USB drive with Rufus, Balena Etcher, or dd, and boot from it.

Step 2: Install nvme-cli

Open a terminal and install the NVMe command-line tool:

sudo apt install nvme-cli        # Debian, Ubuntu, Mint
sudo dnf install nvme-cli        # Fedora, RHEL, AlmaLinux
sudo pacman -S nvme-cli          # Arch, Manjaro

On a live USB session, you may need an internet connection for package installation. Some live distributions include nvme-cli by default.

Step 3: Identify Your NVMe Drive

List all NVMe devices connected to the system:

sudo nvme list

You will see output similar to:

Node             SN                   Model                        Namespace Usage                      Format           FW Rev
/dev/nvme0n1     S4EWNX0R812345       Samsung SSD 980 PRO 1TB      1         1.00  TB /   1.00  TB      512   B +  0 B   5B2QGXA7
/dev/nvme1n1     WD-WX12A34567890     WD_BLACK SN850X 2TB          1         2.00  TB /   2.00  TB      512   B +  0 B   620311WD

Identify the correct drive carefully. Sanitize commands target the controller (/dev/nvme0), while Format commands target the namespace (/dev/nvme0n1).

Step 4: Check Sanitize Support

Not all NVMe drives support all sanitize actions. Check what your drive supports:

sudo nvme id-ctrl /dev/nvme0 -H | grep -i "sanitize"

Look for output like:

  [2:2] : 0x1   Crypto Erase Sanitize Supported
  [1:1] : 0x1   Block Erase Sanitize Supported
  [0:0] : 0x1   Overwrite Sanitize Supported

If a sanitize action shows 0x0, the drive does not support it. If no sanitize capabilities are listed, your drive does not support the Sanitize command — skip to the NVMe Format section below.

Step 5: Unmount All Partitions

Before issuing any erasure command, unmount every partition on the target drive:

sudo umount /dev/nvme0n1p1
sudo umount /dev/nvme0n1p2
# Repeat for all partitions

Or unmount all partitions at once:

sudo umount /dev/nvme0n1*

Verify nothing is mounted:

mount | grep nvme0

This should return no output.

Step 6: Run NVMe Sanitize

Issue the Sanitize command with your chosen action. For most users, Block Erase is the recommended choice:

sudo nvme sanitize /dev/nvme0 --sanact=2

For Crypto Erase on a self-encrypting drive:

sudo nvme sanitize /dev/nvme0 --sanact=4

The command returns immediately — sanitization runs as a background operation on the drive's controller. The drive will be unavailable for normal I/O until the operation completes.

Step 7: Monitor Progress and Verify

Check the sanitize status:

sudo nvme sanitize-log /dev/nvme0

You will see output including:

Sanitize Progress                      (SPROG) :  65535
Sanitize Status                        (SSTAT) :  0x0101
Sanitize Command Dwords 10-11         (SCDW10) :  0x2
Estimated Time For Overwrite                   :  4294967295
Estimated Time For Block Erase                 :  120
Estimated Time For Crypto Erase                :  2

Key fields to check:

SPROG: Progress indicator. 65535 (0xFFFF) means complete. Values below 65535 show percentage progress (value / 65535 * 100).
SSTAT: Status field. The lower 3 bits indicate status — 0x1 means the most recent sanitize completed successfully. 0x2 means in progress. 0x3 means failed.
SCDW10: Shows which sanitize action was performed (2 = Block Erase, 4 = Crypto Erase).

Wait for SPROG to reach 65535 and SSTAT to show completion. You can poll the log repeatedly:

watch -n 5 "sudo nvme sanitize-log /dev/nvme0"

Bottom Line: For NVMe SSDs, the Sanitize command with Block Erase (sanact=2) is the gold standard. It reaches all NAND cells including over-provisioned areas, meets NIST 800-88 Rev. 2 Purge requirements, and typically completes in under five minutes. If your drive supports it, this is the method to use.

NVMe drive secured in motherboard slot

NVMe Format as a Fallback

If your drive does not support the Sanitize command, NVMe Format with the User Data Erase setting is the next best option:

sudo nvme format /dev/nvme0n1 --ses=1

Or for Cryptographic Erase:

sudo nvme format /dev/nvme0n1 --ses=2

Caveats with NVMe Format:

It operates on a per-namespace basis. If the drive has multiple namespaces, you need to format each one individually, and controller-managed areas outside namespaces may not be erased.
Whether --ses=1 erases over-provisioned space depends on the manufacturer's implementation. Samsung, Western Digital, and most major brands include over-provisioned areas in User Data Erase, but budget or lesser-known brands may not.
NVMe Format is generally classified as a Clear-level operation under NIST 800-88 Rev. 2, not Purge. For compliance-sensitive scenarios, Sanitize is required.

To verify completion of an NVMe Format operation, re-read the drive and confirm data is no longer present:

sudo nvme read /dev/nvme0n1 --start-block=0 --block-count=0 --data-size=512 | xxd | head

All zeros (or all 0xFF bytes) indicates the format erased user data.

For more on how NIST 800-88 classifies these operations, see our NIST 800-88 explainer.

Manufacturer Tools for NVMe Erasure

If you are not comfortable with Linux command-line tools, SSD manufacturers provide free utilities that wrap NVMe Sanitize and Format commands behind a graphical interface. These tools run on Windows and detect only drives from their respective manufacturers.

Samsung Magician — Secure Erase for Samsung NVMe SSDs (970 EVO, 980 PRO, 990 PRO, etc.). Creates a bootable USB that issues NVMe Sanitize.
Western Digital Dashboard — Covers WD Black, WD Blue, and SanDisk NVMe SSDs. Issues NVMe Format or Sanitize depending on model.
Crucial Storage Executive — Supports Crucial/Micron NVMe SSDs (P5 Plus, T700, etc.). Includes a revert-to-factory option.
Kingston SSD Manager — Supports Kingston NVMe drives (KC3000, NV2, Fury Renegade). Includes Secure Erase.
Intel Memory and Storage Tool — Covers Intel/Solidigm Optane and QLC NVMe SSDs. Now maintained by Solidigm.

Most manufacturer tools require a bootable USB to erase the system drive, only work with their own brand, and do not provide certificates of erasure for compliance purposes. Some older versions issue NVMe Format rather than NVMe Sanitize — check the documentation to confirm.

Third-Party Software for NVMe Sanitize

When you need to erase NVMe SSDs from multiple manufacturers, require a certificate of erasure, or want a more guided experience than nvme-cli, third-party tools fill the gap.

BitRaser Drive Eraser

BitRaser Drive Eraser is a bootable solution that supports NVMe Sanitize (Block Erase and Crypto Erase) across all major SSD brands. It issues firmware-level commands and generates tamper-proof PDF certificates of erasure — suitable for compliance with HIPAA, GDPR, PCI DSS, and other regulations. Plans start at $39 per drive.

Issues NVMe Sanitize commands at the firmware level
Generates certificates of erasure with audit trail
Supports NIST 800-88 Rev. 2, IEEE 2883, and other standards
Works from bootable USB with batch erasure support

Parted Magic

Parted Magic ($15 one-time purchase) is a bootable Linux environment that includes a graphical Secure Erase tool wrapping nvme-cli. It auto-detects NVMe drives, checks supported sanitize actions, and walks you through the process with a point-and-click interface. It is an excellent middle ground between raw command-line tools and enterprise solutions — you get the power of nvme-cli without needing to remember command syntax.

For a full comparison of erasure software, see our best data erasure software roundup.

Common Mistakes with NVMe Erasure

Trying to use hdparm on NVMe drives. The hdparm utility issues ATA commands, which NVMe drives do not understand. Running hdparm --security-erase against an NVMe drive will fail or not detect the drive. Use nvme-cli instead.

Confusing NVMe Format with formatting a partition. When people say "format a drive," they mean creating a new file system (NTFS, ext4, APFS). NVMe Format is a firmware-level command that operates below the file system layer. Running Windows Format or Linux mkfs does not erase data.

Using overwrite-based tools on NVMe SSDs. Tools like DBAN write patterns to every sector sequentially — an approach designed for HDDs. On NVMe SSDs, the flash translation layer remaps writes, and over-provisioned space is never reached. See our complete guide to wiping a hard drive for the correct approach by drive type.

Sanitizing the wrong drive. With multiple NVMe SSDs installed, it is easy to target the wrong device path. Always verify the drive model, serial number, and capacity with sudo nvme list before issuing any destructive command. There is no undo.

Skipping verification. After any sanitize operation, check the sanitize log to confirm completion. A sanitize interrupted by power loss may have left the drive in a partially erased state. The nvme sanitize-log command takes seconds and provides definitive confirmation.

Frequently Asked Questions

Is NVMe Sanitize the same as ATA Secure Erase?

No. NVMe Sanitize and ATA Secure Erase are entirely different commands targeting different interfaces. ATA Secure Erase is a SATA command issued through the ATA command set, while NVMe Sanitize is defined in the NVMe specification and uses the NVMe command set. ATA Secure Erase does not work on NVMe drives, and NVMe Sanitize does not work on SATA drives.

What is the difference between NVMe Sanitize and NVMe Format?

NVMe Sanitize operates on the entire drive, including over-provisioned space, unmapped blocks, and all namespaces. NVMe Format operates on a single namespace and may not reach all physical NAND cells. NIST 800-88 Rev. 2 classifies Sanitize as a Purge-level operation, while Format with User Data Erase may only qualify as Clear depending on the implementation.

Can I NVMe Sanitize from Windows?

Windows does not natively expose NVMe Sanitize commands. Your best options are manufacturer tools (Samsung Magician, WD Dashboard, etc.) that run on Windows, or booting into a Linux live USB to use nvme-cli. Third-party tools like BitRaser and Parted Magic also provide NVMe Sanitize support from a bootable environment.

How long does NVMe Sanitize take?

NVMe Sanitize with Block Erase typically takes one to five minutes, depending on the drive capacity and controller speed. Crypto Erase completes in under a second because it only destroys the encryption key. The Overwrite sanitize action takes the longest — potentially hours on large drives — and is generally not recommended for SSDs.

Should I use Block Erase or Crypto Erase?

Use Block Erase when you want to physically reset all NAND cells and your drive supports it. Use Crypto Erase when your drive is a confirmed self-encrypting drive (SED) with hardware encryption enabled and you trust the encryption implementation. Block Erase is generally considered more verifiable because it modifies the physical storage, while Crypto Erase relies on the encryption key having been properly managed.

What happens if NVMe Sanitize fails or is interrupted?

If a Sanitize operation is interrupted (power loss, cable disconnect), the drive enters a Sanitize Failed state. The drive remains usable but the sanitization is incomplete. You can check the status with nvme sanitize-log and restart the process. Some drives may require a Sanitize Exit Failure Mode command (sanact=1) before you can start a new sanitize operation.

Does NVMe Format erase all data on the drive?

It depends on the Secure Erase Settings (SES) value used. With --ses=0, NVMe Format only reformats metadata and does not erase user data. With --ses=1 (User Data Erase), it erases user-visible data but may not reach over-provisioned space — this varies by manufacturer. With --ses=2 (Cryptographic Erase), it destroys the encryption key if the drive supports it.

Can I erase just one namespace on an NVMe drive?

NVMe Format operates per-namespace, so yes — you can format a single namespace. However, NVMe Sanitize always operates on the entire drive across all namespaces. If you need to selectively erase partitions, NVMe Format with appropriate SES settings is the only firmware-level option, but be aware it may not reach all physical NAND.

Do I need to unmount the NVMe drive before sanitizing?

Yes. You must unmount all partitions on the NVMe drive before issuing Sanitize or Format commands. If the drive contains your operating system, you cannot sanitize it while booted from it — you need to boot from a USB live environment or a separate drive. The nvme-cli commands will typically fail or warn you if the drive is mounted.

How do I verify that NVMe Sanitize completed successfully?

Run sudo nvme sanitize-log /dev/nvme0 after the operation. The log shows the Sanitize Status (SSTAT) field — a value indicating the most recent sanitize operation completed successfully, along with the sanitize action that was performed. You can also attempt data recovery with forensic tools to confirm no readable data remains, though this is typically only necessary for high-security environments.

The Bottom Line

NVMe SSDs need NVMe-specific sanitization commands — ATA Secure Erase and overwrite tools will not work. Use nvme sanitize --sanact=2 (Block Erase) through nvme-cli on Linux for the most thorough and verifiable erasure. If you need a compliance-ready certificate, BitRaser Drive Eraser issues firmware-level NVMe Sanitize commands with documented proof. Always verify completion with nvme sanitize-log before releasing the drive.

Last updated: February 2026. We regularly review and update our guides to ensure accuracy.

Sources:

NIST Special Publication 800-88 Rev. 2, Guidelines for Media Sanitization. https://csrc.nist.gov/publications/detail/sp/800-88/rev-2/final
NVM Express Base Specification, Revision 2.1. https://nvmexpress.org/specifications/
IEEE 2883-2022, Standard for Sanitizing Storage. https://standards.ieee.org/ieee/2883/10165/
NVMe Command Line Interface (nvme-cli) Documentation. https://github.com/linux-nvme/nvme-cli
Wei, M. et al. "Reliably Erasing Data From Flash-Based Solid State Drives," FAST '11, USENIX. https://www.usenix.org/conference/fast11/reliably-erasing-data-flash-based-solid-state-drives