How to create an encrypted zip file with a password

You can create an encrypted zip archive with the following command:

$ zip -er file1 folder1 ....

Keep in mind that when using the zip command, only the content of the zipped files is encrypted, the archive still leaks metadata such as the name of the files.

An alternative is to first create your zip archive with zip -r file1 ... and then use OpenSSL to encrypt the entire ZIP archive.


Unfortunately, macOS comes with an old and insecure version of zip:

zip --version
Copyright (c) 1990-2008 Info-ZIP - Type 'zip "-L"' for software license.
This is Zip 3.0 (July 5th 2008), by Info-ZIP.

It means that the zip files encrypted on macOS can easily be cracked with pkcrack or johnTheRipper.

This is why I recommend to use OpenSSL instead to encrypt your zip file.

1 email / week to learn how to (ab)use technology for fun & profit: Programming, Hacking & Entrepreneurship.
I hate spam even more than you do. I'll never share your email, and you can unsubscribe at any time.

Tags: hacking, linux, cryptography, privacy

Want to learn Rust, Cryptography and Security? Get my book Black Hat Rust!