Use WinZip to Encrypt, Store or Email Sensitive Data
Sep 16th, 2007 by MrGroove
Sure, WinZip is great for compressing files and folders but did you know it’s also a great tool for encrypting sensitive data? If used correctly, WinZip can be a great security tool. It’s a perfect option for the non-technical user who needs to email confidential data over the Internet. Just follow my simple step-by-step below to learn how.
My screen snips are taken from Windows XP and WinZip 11.1 however the process should be the same for Vista and Winzip 10.x users as well. WinZip 9.0 was actually the first version WinZip began using AES 256 bit encryption so 9.x users should also be able to take advantage of using WinZip as an encryption tool.
So, let’s get right to it.
1. Navigate to the files or folder you wish to Zip and Encrypt
2. Select the files you wish to zip/compress and Encrypt, Rick-Click to bring up the context menus. Now under the context menus, Click WinZip, Add to Zip file…
Step 3. Click in the Add to archive box and give the file a name. Check box Encrypt added files and Click Add
Step 4. Check box Do not display this dialog box in the future and Click OK
Now were ready to enter a password. Please note - It’s very important to use a STRONG password here. yeah yeah yeah… you don’t need to get crazy here with stupid $ymb0l$ and upper and lower case characters that you will forget 10 minutes after you type it…. Just use a long PASS PHRASE with 10 or more characters. Pass Phrases are EASY to type, easy to remember AND VERY secure. Watch, here’s a 20 character secure password: My house is yellow!
That’s it! With spaces between the words, a capital M in the front and ended with a special character, your looking at a VERY secure password which will be near to impossible to crack using brute-force!
Ok, back to the article……
Step 5. Click in the box Enter password and type your PW. Repeat in the following box. Click 256-Bit AES encryption (stronger) radio button and Click OK
Step 6. Review and Close by Pressing the Red X
Note: As you open .zip files, encrypted files can be identified by the * symbol next to the file name as shown below
All done! GROOVY!
Limitations to be aware of (Taken from WinZip HELP file).
- Encryption applies only to the contents of files stored within a Zip file. Information about an encrypted file, such as its name, date, size, attributes, and compression ratio, is stored in unencrypted form in the Zip file’s directory and can be viewed, without a password, by anyone who has access to the Zip file.
- WinZip’s encryption method is not the same thing as an authentication method for the Zip file. WinZip encryption is intended to prevent someone who doesn’t know the correct password from finding out the contents of your encrypted data. The password is not needed for actions that do not involve decryption of the encrypted contents of data stored within a Zip file. In particular, encrypted files can be deleted from a Zip file, or can be renamed within a Zip file, and new, unencrypted, files can be added to a Zip file, without a password.
- WinZip uses password-based encryption, and even a strong encryption algorithm like AES is of little or no benefit if the passwords you use are weak, or you do not keep track of them in a secure manner.
Tags: client, encryption, security, winzip
Visitor Options
First time on the site. Love the article. Found it on DIGG
Thnx!
Welcome JohnM!
Thank you! Glad to hear the article helped out. I wrote the article in response to a question in the forum: http://forum.groovypost.com/viewtopic.php?t=78761
Because I get asked the question so often at work “How can securely email a large number of documents or data” I figured other people out there would be able to benefit. Any other questions, please let me know in my forum - http://forum.groovypost.com
Why would I do this when I can just password protect word files or excel files?.?
Howdy 22shocker and Great question.
Personally, If your just trying to secure 1 or 2 files, there is no purpose to use Winzip to encrypt a file when you can just use the native Encryption from Word or Excel. If however you wish to protect MULTIPLE files or send Multiple files over the internet to someone, WinZIP is nice because you can secure them in 1 large batch and be done with it. Just zip them up with a good password, send them the zip and your done (After you give them a phone call to tell them the password of course).