Hi. I would like to know if there is a better way of password protecting zip files. I have read that the built in version of win zip is easy to crack.

I have zip files that my clients purchase. I have recently found out that my site has been hacked and that pirates have been downloading my files.

I am looking into .htaccess protection for my website directories but I think I need a better solution for that also.

Does anyone have any ideas or links to guide me in the right direction? I have done google searches and haven't had much luck.

Thank you for your time!

Erika

The built in zip protection in winzip is perfectly sufficient... as long as you create a sufficient password. Make the password as long as possible, use a combination of upper and lower case characters, as well as special characters (?,#,%,&,$ etc). It won't be cracked for a long, long time. I have a file that I was requested to crack about three years ago for a legal case involving a child molestor. I ran it on five seperate systems, each carrying the burden of a certain range of possible passwords. I ran the decryption routine for 8 months full time and was never able to break the password. Between the five machines, I went about 700 billion iterations of possible character combinations over the eight months. The court case came and went, the guy was convicted and sentenced, and I was never compensated for my electrical bill :) I'd gladly forward this file to anybody who thinks they can crack it. I'm curious as hell to know what this guy had to hide in a file that couldn't be cracked by five computers in eight months, and according to his own words, it was using standard winzip encryption. He dared me to crack it, and I couldn't.

Really...WOW! I have been reading so much on articles and such I have been finding and they say that the password protect winzip offers is not so good. After reading yours, I am wondering if these people are using simple passwords, like you said.

Thanks for the reply!

Simple dictonary passowords like your birthday, maiden name, etc can be broken easily by somebody with curiosity and time to play. Hardened passwords like 95%JjUl754Hm$4@ won't be broken anytime soon. Guaranteed.

i agree with bigh20, the built-in protection is great but it helps to have a very complicated pasword containing upper and lowercase characters and numbers and underscores and dashes.