How to encrypt ZIP files securely using 7-Zip
Windows has had built-in ZIP file support with encryption since Windows XP. Unfortunately, the quality of this encryption is poor, as evidenced by the number of commercial programs available to crack it. WinZip and WinRAR are trialware commercial programs that offer secure AES encryption for your compressed files but cost between 23 and 30 Euros per user. 7-Zip is a free, open-source utility that offers 256-bit AES encryption. In this how-to I will show you how to install it and produce compressed files protected with 256-bit encryption.
Encryption within Windows
Windows supports ZIP (compressed) folders, but it is hampered by weak encryption that can be brute-forced with any of a myriad of programs in minutes to hours on a modern PC. WinZip, WinRAR, 7-Zip and others offer the more secure AES standard. AES, like any encryption scheme, can be broken given time, but this is likely to run into hundreds if not thousands of years.
- Download the latest non-beta version from here.
- Install using default options.
By default, 7-Zip installs itself with “Explorer extensions” that allow you to right-click on items on the desktop or in Windows Explorer to compress files. 7-Zip has its own file format, 7z, which is more efficient at compressing files than the standard zip format, but using it means the person you are sending the file to will also have to use 7-Zip. Using the zip format will enable people using other programs to decompress the file.
- Right-click on the files or folder you wish to compress and encrypt.
- Change the Archive format to Zip (or use 7z if both you and your intended recipient use 7-Zip), change the Encryption method to the robust AES-256, and enter your password. Then click OK. The rest of the options can be left at their defaults.
To open an encrypted archive, simply right-click on the file, select extract, then enter the password when requested.
Your data will still be vulnerable to a “dictionary attack”, where an attacker cycles through common passwords such as “Love”, “Password”, etc. To protect against this, make your password a mixture of numbers and letters rather than a single English word.
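To confirm that a Zip archive produced with the steps above really uses AES-256 and not the weak legacy ZIP encryption, the header fields of each entry can be inspected without knowing the password. The Python script below is an added example, not part of the original how-to; it assumes the WinZip-style AES layout that 7-Zip writes for the Zip format (method 99 plus a 0x9901 extra field), and its function names and sample entries are constructed for illustration.

```python
import struct
import zipfile

AES_METHOD = 99        # compression-method value that marks an AES entry
AES_EXTRA_ID = 0x9901  # extra-field record that carries the AES parameters
AES_BITS = {1: 128, 2: 192, 3: 256}


def entry_encryption(info):
    """Classify one entry from its header fields only (no password needed)."""
    if not info.flag_bits & 0x1:          # flag bit 0 means "encrypted"
        return "none"
    if info.compress_type != AES_METHOD:
        return "ZipCrypto (legacy, weak)"
    extra, pos = info.extra, 0
    while pos + 4 <= len(extra):          # walk the (id, size, data) records
        rec_id, size = struct.unpack_from("<HH", extra, pos)
        data = extra[pos + 4:pos + 4 + size]
        if rec_id == AES_EXTRA_ID and len(data) >= 7:
            # data = version (2 bytes), vendor "AE" (2), strength (1), method (2)
            return f"AES-{AES_BITS.get(data[4], '?')}"
        pos += 4 + size
    return "AES (parameters missing)"


def audit_zip(source):
    """Map each file name in a ZIP (path or file object) to its encryption."""
    with zipfile.ZipFile(source) as zf:
        return {i.filename: entry_encryption(i)
                for i in zf.infolist() if not i.is_dir()}


def weak_entries(source):
    """Names of the entries that are not protected with AES-256."""
    return [n for n, e in audit_zip(source).items() if e != "AES-256"]


def sample_entry(name, flags, method, strength=None):
    """Constructed header record for the demo; it carries no file data."""
    info = zipfile.ZipInfo(name)
    info.flag_bits, info.compress_type = flags, method
    if strength:
        info.extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", strength, 8)
    return info


if __name__ == "__main__":
    for s in (sample_entry("plain.txt", 0, 8), sample_entry("legacy.txt", 1, 8),
              sample_entry("aes128.txt", 1, 99, 1), sample_entry("aes256.txt", 1, 99, 3)):
        print(f"{s.filename:12} {entry_encryption(s)}")
```

Call `weak_entries("archive.zip")` on a file created with the Zip archive format; an empty list means every entry is AES-256. Archives in the 7z format use a different container and are not covered by this check.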