
macpokerstars

macrumors regular
Original poster
Sep 29, 2010
Basically, when I unlock a hard drive (which was encrypted through Disk Utility), does the actual data physically stay in its encrypted form on the drive?

I unlocked the hard drive and began secure erasing it.

However, let’s assume I did not secure erase, but rather normally erased it. Would the data physically present on the drive be there under its encrypted form?
 
If the drive was previously encrypted using Disk Utility, then just "erase it again" (this time, leaving encryption OFF).
That should "wipe it clean".

If you still have doubts, do a "secure erase" which will write zeros to every block on the drive. "One pass" is enough.
 
My understanding is that the data on the disk remain encrypted at all times. Unlocking the drive just allows macOS to use the decryption key when data is read from the drive into memory.
 
Basically what @Brian33 said.

If wanting to erase a drive encrypted using macOS, just reformat, as the data on the drive will remain encrypted and the encryption keys will be erased.

To simulate a secure erase, reformat the drive, turn on encryption and use a long random password. The old data will be encrypted on the old keys and the drive will have a whole new set of keys that will not match the old keys.

macOS encryption is multi-layered: system key to decrypt your code, your code decrypts an intermediate key, which decrypts the master key. Intermediate and master are randomly generated by the OS.
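A simplified model of the layered keys and the reformat behaviour described in this thread, added here as an illustration and not written by any poster or taken from macOS. The function names, the two-level wrap (passphrase, intermediate key, master key) and the toy HMAC-based cipher standing in for the real disk cipher are all assumptions.

```python
import hashlib, hmac, os

def _prf(key, label, msg):
    return hmac.new(key, label + msg, hashlib.sha256).digest()

def xor_stream(key, nonce, data):
    # Toy stream cipher (HMAC-SHA256 in counter mode), a stand-in for the real disk cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = _prf(key, b"enc", nonce + (i // 32).to_bytes(8, "big"))
        out += bytes(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def wrap(kek, key):
    # Encrypt one key under another and append an integrity tag.
    nonce = os.urandom(16)
    ct = xor_stream(kek, nonce, key)
    return nonce + ct + _prf(kek, b"mac", nonce + ct)

def unwrap(kek, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(kek, b"mac", nonce + ct)):
        raise ValueError("wrong key: cannot unwrap")
    return xor_stream(kek, nonce, ct)

def _pw_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def format_volume(password, plaintext=b""):
    # Intermediate and master keys are random; only wrapped copies are stored.
    salt, nonce, intermediate, master = (os.urandom(n) for n in (16, 16, 32, 32))
    return {"salt": salt, "nonce": nonce,
            "wrapped_intermediate": wrap(_pw_key(password, salt), intermediate),
            "wrapped_master": wrap(intermediate, master),
            "blocks": xor_stream(master, nonce, plaintext)}

def read_volume(disk, password):
    # Unlocking unwraps keys in memory; disk["blocks"] is never rewritten.
    intermediate = unwrap(_pw_key(password, disk["salt"]), disk["wrapped_intermediate"])
    master = unwrap(intermediate, disk["wrapped_master"])
    return xor_stream(master, disk["nonce"], disk["blocks"])

def quick_erase(disk, new_password):
    # Reformat: a fresh key set replaces the old one, old ciphertext blocks stay in place.
    fresh = format_volume(new_password)
    fresh["blocks"] = disk["blocks"]
    return fresh

SECRET = b"constructed sample file contents, not real data"
disk = format_volume("old passphrase", SECRET)
```

After `quick_erase`, the old ciphertext bytes are still present, but neither the old nor the new passphrase can recover the old master key.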
 