Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.
Training Camp • Cybersecurity Glossary
A factory reset restores a device to its original out-of-box state, erasing user data, apps, and settings; on encrypted devices it works by destroying the encryption key.
Factory Reset Definition: A factory reset restores a device to its original out-of-box state, erasing user data, apps, and settings; on encrypted devices it works by destroying the encryption key.
A factory reset is the process of returning a device to its original out-of-box state by erasing user data, installed applications, accounts, and custom settings. Also called a hard reset or master reset, it is used to troubleshoot persistent software problems, remove malware, or sanitize a device before resale, recycling, or reassignment.
How thoroughly a factory reset erases data depends on the device. On modern smartphones and many laptops, storage is encrypted by default, so a factory reset performs a cryptographic erase: it destroys or overwrites the encryption key, instantly rendering all remaining encrypted data unreadable even though the underlying bits may still be present. On older or unencrypted devices, a reset may only delete file-system pointers, leaving recoverable data on the flash or disk until it is overwritten. The OS then reinstalls or restores its default system image and reboots into initial setup.
For security, factory reset is a key data-sanitization and incident-response control, but it must be understood correctly. A crypto-erase on an encrypted device meets recognized media-sanitization guidance such as NIST SP 800-88; a simple reset on an unencrypted device may not, leaving sensitive data exposed to forensic recovery. Mobile device management can trigger remote factory resets (remote wipe) on lost or stolen corporate phones to protect data. Conversely, attackers and thieves may attempt resets to bypass locks, which is why protections like Activation Lock and Factory Reset Protection bind a reset device to its original account.
For example, an employee leaves a company and returns a corporate laptop. Because full-disk encryption was enabled, IT performs a factory reset that destroys the encryption key, cryptographically wiping all corporate data in seconds and meeting sanitization policy before the device is reissued. Separately, when a phone is reported stolen, the security team issues a remote wipe through MDM; the device factory resets, but Factory Reset Protection keeps it locked to the company account so the thief cannot reuse it. Verifying encryption status before relying on a reset is critical to ensuring data is truly unrecoverable.
Turn knowledge into credentials with our instructor-led cybersecurity boot camps.
View All Courses →