Security of a password protected / encrypted Zip-file?


Although I’ve got my backups in order and secure and everything, this doesn’t really help if disaster striked completely and deprived me of all units where I can access the various crazy passwords and other information protecting my backups and core services.

(I have a backup access for this, but in some urgent scenarios it would not be ideal.)

So, my question is, if I use WinZip or Keka to create an encrypted/password protected zip-file with some core information. How secure is this from some data breach? Assume a 36+ Character password on it.

Would it be perfectly fine to leave a zip-file like that with some core backup codes etc live out in the wild?

The old WinZip encryption was bad/flawed. Current versions seem to be fine.

Why not create an encrypted container? (Dmg)
It is a standard macos feature.


Alright, thanks!

Yes, but this is for securely locking down some files/information and storing them “off-site” in a way that makes it safe from prying, but also easily available if disaster strikes - and without it being Mac-specific to get them “open”.

I think you should always use the right tool for the job, and if you want to be secure why risk the implementation of encryption in a tool for which encryption is its core job.

I would use something like GnuPG which is open source and has implementations on everything.

7zip should be able to read image files (.dmg at least) on all platforms.

All of the tools mentioned use symmetric encryption, with the exception of GPG. You should be fine with AES-256 and a strong password.

I think its that security will depend on the password that you give your folder. I convert my files into zip-archives just using my mac, you can read about it here

1 Like