Encrypting files with 7 zip


7-Zip is a freely available compression program, similar to WinZip or StuffIt, which supports AES-256 encryption. It's available for download from http://7-zip.org (versions are also available for Linux and Mac OS X).

This article is a follow on from my iWeb FTP guide to securely sending files.

Windows

After you have installed 7-Zip, it will add a new 7-Zip menu to Explorer when you right click on files and folders:

Screen Shot 2013-09-13 at 10.35.05

You can select several files, one file, or a folder, and choose "Add to archive...", and 7-Zip will present you with this screen:

Screen Shot 2013-09-13 at 10.35.41

All you need to do now is enter a password (twice) in the boxes on the right. You should also select "Encrypt file names" - without this someone can see the names of the files in the archive, even if they can't view the contents.

Click OK and after the compression is finished you'll have a new file with a .7z extension, ready to upload to your FTP.

Screen Shot 2013-09-13 at 10.36.47

Your recipient can just right click on the file and select "7-Zip / Extract here". They will be prompted for their password, and the files will be decompressed into the same place as they have downloaded the .7z file to.

Screen Shot 2013-09-13 at 10.36.34

Mac OS X

On Mac OS X, the software you will need is called 7zX - it's free to use and simple to install; just drag it to your applications folder.

To create an encrypted archive, drag some files onto the 7zX application. A dialog will appear asking you for details, including an optional password.

Screen Shot 2013-09-13 at 10.29.58

Screen Shot 2013-09-13 at 10.30.19

To decompress an encrypted folder, just drop it on the 7zX application- it will prompt you for a password and extract the files to the same place as the archive.

Screen Shot 2013-09-13 at 10.31.41

Linux

On Linux, you can install p7zip (apt-get install p7zip-full on Debian or Ubuntu, yum install p7zip on RedHat, after installing EPEL) to get the 7z utility (may be 7z, 7za or 7zr), and then you can create an encrypted archive with:

7z -p -mhe a foo.7z foo/

and extract one with:

7z x foo.7z

In both cases, you will be prompted for your password.

Conclusion

Unlike WinZip, 7-Zip does not support any weak encryption standards, so it's not possible to accidentally transfer your files in a less secure manner than you intended.

The term is over-used, but AES-256 is "military grade" encryption, and protects the credit card details and personal information of millions of Internet users, as it's a major component in web security.

Finally, it's important to send the password for the archive to your recipient via a separate channel, and ideally securely. Phone calls and telling people in person are probably the most secure methods. Instant messaging, if you're confident that it's secure, is also a possibility.


Posted by Aaron Brady

Included with every trial

  • 10GB of storage
  • 50 user accounts
  • Brandable interface
  • Dedicated support