A String cannot be "wiped". It is immutable, and short of some really dirty and dangerous tricks (using reflection, for example) you cannot alter that.

So the safest solution is to not put the data into a String in the first place. Use a StringBuilder or an array of characters instead, or some other representation that is not immutable. (And then clear it when you are done. And don’t use toString() etc on the StringBuilder or you have created the String you were trying to avoid.)

Of course, the "safest" solution is rather impractical. Many Java SE and 3rd party APIs require or return text data to be provided as String objects.

For the record, there are a couple of ways that you can change the contents of a String’s backing array. For example, you can use reflection to fish out a reference to the String object’s backing array, and overwrite its contents. However, this involves doing things that the JLS states have unspecified behavior so you cannot guarantee that the optimizer won’t do something unexpected. And the code to do this will be non-portable, since it depends on internal details of String that have changed over time and may change again.

My personal take on this is that you are better off locking down your application platform so that unauthorized people can’t gain access to the memory / memory dump in the first place. After all, if the platform is not properly secured, the "bad guys" may be able to get hold of the string contents before you erase it. Steps like this might be warranted for small amounts of security critical state, but if you’ve got a lot of "confidential" information to process, it is going to be a major hassle to not be able to use normal strings and string handling.