There's a lot of paranoia about this about. For 10 years or more, a "secure erase" command from the drives firmware is perfectly adequate for domestic purposes, or even most business purposes.
But for confidence reasons, I agree that an overwrite is reassuring. A single pass is almost certainly enough to defeat anything but very sophisticated laboratory attempts at recovery, but again, for reassurance, by all means do 3.
DBAN is perfectly adequate, and I have used it, Eraser is my normal choice, and again gets the job done.
If you really want to be sure, NIST (National Institute of Standards and Technology) published a paper about this in about 2006, recommending the level of method required for US Federal bodies (short of security agencies) to take to ensure compluance with federal law on data security and confidentially. That suggests that, for hard drives, one pass overwrite is fine.
It also points at published lists of products examined by both the NSA and DSS (Defence Security Services). These are not endorsed by them, as the government doesn't do that, but are on lists of, if you like, devices and software approved for government bodies to use.
As any good conspiracy theorist will assume, it MAY be that the NSA, GCHQ, Mossad, DGSE, Chinese People's Army intelligence, etc, may be able to recover stuff, but your PC World techie or spotty teenage geek in his bedroom won't stand a chance.
So if you're worried about the NSA, etc, run DBAN, then run it again, then disassemble the drive, crush the firmware chip, smash to disk platters(s) to bits with a hammer, melt the remnants with an oxyacetalyne torch, separate them into loads of separate portions, and bury each portion on a different continent, sealed in amber and surrounded by garlic and witch-hazel, dipped in holy water, and make sure to drop a few portions into the deepest trench on the Pacific Ocean. And arrange for some to be fired into space, and then flown into the centre of the Sun. That ought to slow the NSA down a bit.
I'm pretty paranoid about personal data. No mail, with a name or address on, for instance, EVER gets just thrown out. Any paper with any personal info on gets cross-shredded into tiny chunks, as do old data CDs, etc. I don't even use debit or credit cards if I can help it, and pay for groceries with cash.
But even I think DBAN or Eraser is perfectly adequate for securely erasing hard drives.
But if in doubt, do what the NSA. and NIST suggest for extremely sensitive data .... careful physical destruction. It all depends on what the data is, how worried you are about it, and what damage it could do if it got out. It's a cost v risk thing.