
System Encryption- What is the difference between Wipe Mode "None" and 3 pass, 1 pass etc?

M MZ
2018-10-09
2018-10-09
  • M MZ

    M MZ - 2018-10-09

    System Encryption With VeraCrypt/TrueCrypt- What is the difference between Wipe Mode "None" and 3 pass, 1 pass etc?

    First I wanted to make sure we're talking about using a Non-SSD Hard drive. I know SSD drives work differently.

    Here would be a good reference/guide on system encryption:
    https://www.howtogeek.com/howto/6169/use-truecrypt-to-secure-your-data/

    If someone were to encrypt their System partition (Ex. Windows 7 partition) with VeraCrypt or TrueCrypt.
    They would click on "Encrypt System Partition or Drive"

    There will be a section that asks you "Which Wipe Mode" do you want to use?
    You can choose "None", "1 pass", "3 pass", etc.

    What is the difference between None and 1 pass, 3 pass etc?

    For example, let's say I have a 1TB Non SSD Hard Drive with 1 partition (1TB) (The system partition) with Windows 7.

    1. If I use Truecrypt/Veracrypt to encrypt the system partition with a STRONG PASSWORD that nobody knows.
      Even if I choose the Wipe Mode "NONE", the entire partition will be encrypted with a STRONG PASSWORD. As long as nobody knows that password, shouldn't nobody be able to access ANY of the information on the hard drive? Even the unencrypted data + free space data PRIOR to doing a system encryption? Is this correct? Or if you choose NONE, can your data prior to encryption be recovered?

    2. If I choose the Wipe Mode "1 pass" or "3 pass", does that just Wipe all the unencrypted data + free space PRIOR to or DURING encrypting the system partition? So, if you have a STRONG PASSWORD, nobody can access the data anyways- Wiped or not wiped? Is this correct?

    Is this correct? or what is the difference between choosing "None" vs "1 pass" or "3 pass" for the Wipe Mode?

    (This is probably the most important question)
    3. Is all my unencrypted data prior to system encryption (All the unencrypted data on my system partition + free space data) safe once I've done a System encryption with a STRONG PASSWORD?

    Thank you in advance!

     

    Last edit: M MZ 2018-10-09
  • Enigma2Illusion

    Enigma2Illusion - 2018-10-09

    The link to the article that you posted explains the wipe mode and the screenshot explains how it is possible to recover the data after encryption.

    While encrypting the drive/partition, the number of passes refers to the number of times random data is written to the data block before the encrypted data is written back to the data block on the disk drive.

    With modern hard drives, 1-pass is sufficient to prevent magnetic force microscopy examination of the disk drive.

    The reason for the option of a higher number of passes is that hard drives from the 1990s and early 2000s had lower densities, meaning the old hard drives had larger gaps between the ones and zeros that made it possible to read the ghost image of the previous data.

    With modern hard drives' high density, the gaps between the ones and zeros are very small, and that is why using 1-pass is generally considered sufficient. You can Google search this to find whitepapers discussing this topic.

    Be aware that VeraCrypt cannot encrypt or wipe reallocated sectors.
    https://www.veracrypt.fr/en/Reallocated%20Sectors.html

    As you stated, SSDs have additional challenges:
    https://www.veracrypt.fr/en/Wear-Leveling.html
    https://www.veracrypt.fr/en/Trim%20Operation.html

    Next, you’ll be asked for the “wipe mode” you want to use.

    If you have sensitive data on your drive and you’re concerned someone might attempt to examine your drive and recover the data, you should select at least “1-pass (random data)” to overwrite your unencrypted data with random data, making it difficult to impossible to recover.

    If you’re not concerned about this, select “None (fastest)”. It’s faster not to wipe the drive. The larger the number of passes, the longer the encryption process will take.

    Wipe Mode
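
The order of operations described in this reply, as an added sketch that is not VeraCrypt's code and not part of the original post: each block is read, overwritten with random data once per wipe pass, then overwritten with its ciphertext. The SHA-256 keystream is a toy stand-in for the real cipher, and the disk contents, key and function names are constructed for the example.

```python
import hashlib
import os

BLOCK = 512  # bytes per simulated sector

def keystream(key: bytes, index: int, n: int) -> bytes:
    """Toy per-block keystream (SHA-256 counter mode), a stand-in for the real cipher."""
    out = b""
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + index.to_bytes(8, "big") + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def encrypt_in_place(disk: bytearray, key: bytes, wipe_passes: int) -> list:
    """Encrypt every block in place; return the number of writes issued per block."""
    writes = []
    for i in range(len(disk) // BLOCK):
        lo, hi = i * BLOCK, (i + 1) * BLOCK
        plain = bytes(disk[lo:hi])        # read the block into memory first
        for _ in range(wipe_passes):      # "1 pass" / "3 pass": random overwrites
            disk[lo:hi] = os.urandom(BLOCK)
        ks = keystream(key, i, BLOCK)
        disk[lo:hi] = bytes(p ^ k for p, k in zip(plain, ks))  # last write: ciphertext
        writes.append(wipe_passes + 1)
    return writes

def build_disk() -> bytearray:
    """Constructed sample image: one live file, one deleted-but-present file, empty rest."""
    disk = bytearray(BLOCK * 8)
    for block, data in ((0, b"LIVE-FILE: tax records"), (5, b"DELETED-FILE: old notes")):
        disk[block * BLOCK : block * BLOCK + len(data)] = data
    return disk

def run(wipe_passes: int):
    """Return (writes to block 0, whether any plaintext marker is still readable)."""
    disk = build_disk()
    writes = encrypt_in_place(disk, b"constructed-demo-key", wipe_passes)
    leaked = b"LIVE-FILE" in disk or b"DELETED-FILE" in disk
    return writes[0], leaked

if __name__ == "__main__":
    for label, passes in (("None", 0), ("1 pass", 1), ("3 pass", 3)):
        print(label, run(passes))
```

In every mode the resulting image holds only ciphertext, including the block that held the deleted file; the passes change only how many times each sector is overwritten before the ciphertext lands. The simulation models logical contents only, not residual magnetism on a platter.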

     
  • M MZ

    M MZ - 2018-10-09

    Thank you for the quick reply. I am using a Western Digital Black Caviar 1TB, so I believe it is a modern HD and also Non SSD.

    So in other words, if I choose the Wipe Mode "1 pass,"....

    all my unencrypted data prior to system encryption (All the unencrypted data on my system partition + free space data) is safe once I've done a System encryption with a STRONG PASSWORD?

    For Example: Let's say I have 1 system partition with 1TB of data. Let's say I have 500 GB worth of data unencrypted and 500GB of free space with unencrypted deleted data. So if I do a System Encryption and choose "Wipe Mode" "1 Pass".... all of the previous unencrypted data 500GB of data + 500GB of free space with unencrypted deleted data is now unrecoverable? In addition to that, with a strong password- All the new data after system encryption cannot be accessed without the password + all the previous unencrypted data cannot be retrieved? Is this about correct?

    PS And if I choose Wipe Mode "None" then my previous unencrypted data could possibly be recovered?

     
  • Enigma2Illusion

    Enigma2Illusion - 2018-10-09

    For system encryption, VeraCrypt will encrypt the entire OS partition.

    For non-system in-place encryption, you have the option to perform quick format which does not overwrite the free space.

    For non-system encryption, you have the option to perform quick format which does not overwrite both existing data which will be inaccessible due to the quick format and the free space.

    PS And if I choose Wipe Mode "None" then my previous unencrypted data could possibly be recovered?

    Only by using magnetic force microscopy and putting a lot of time and effort to attempt to determine the previous value of either one or zero.

     

    Last edit: Enigma2Illusion 2018-10-09
