How secure is the winzip/winrar passwords?

brannsiu

Honorable
Apr 20, 2013
144
0
10,630
0
How secure is the password set for extraction of the winzip / winrar files? Is it a good way to protect the privacy of files by zipping them with winzip / winrar ? How secure it is? Of course I will not assign stupid passwords like abcde or 12345 , but passwords like fsgj#AAs212fssjh
 

Phillip Corcoran

Splendid
Moderator
Regardless of where a password is used (eg an app or a website), these main rules apply:

1) Make it fairly long and composed of random letters & numbers, and preferably a mix of uppercase & lowercase letters for good measure.


2) Then the next vital thing to do is to keep your password reminder notes (you'll never remember secure passwords without writing them down somewhere) securely out of sight.


3) Last but not least, passwords should be changed regularly - - it's a bind to have to have to do that but just as important for security as the previous two points.
 

camieabz

Distinguished
Jan 29, 2001
90
0
18,610
5
Assuming the zip / archive program is using AES 128 or 256, and you're using long, complicated passwords, it should be fine.

If sharing zipped files with others, e.g. over the Internet, I suggest a very long password, especially if the sharing is on a potentially public place. What protects most data is the lack of access to it. If I hand a USB drive to another, only the two of us have direct access to it (short of a PC being compromised by malware). If I e-mail it, potentially either end of the communication can be compromised, and presumably there could be 3rd party access, such as ISP, government services and so on. If I put it on an FTP server where other can see it, and download it, but not access it, they have time to get at it.

If you're protecting these files locally from other users, they will theoretically have all the time in the world to crack the password(s), so change your passwords periodically. It's a pain in the backside sometimes, but far more secure (assuming good password practices are exercised). If allowing guest access, disable removable drives for guests. You get the idea.

Zip security info - https://blog.itsecurityexpert.co.uk/2017/04/winzip-encryption-password-security-2017.html

Random Password Generator - https://passwordsgenerator.net (suggest minimum of 16 characters for expiring passwords of a month or less and 30 characters for greater, or if data is mission critical). Similar / ambiguous characters might confuse persons entering password(s) manually. Tick or untick as required. Suggest spaces are not used, as they can confuse users, and some text editors mess with them.)

Password Strength Checker - http://www.passwordmeter.com (ignore any repeating character warnings; any password generator that doesn't repeat characters is less safe, as cracking people/systems love a password with non-repeating characters.)
 
Thread starter Similar threads Forum Replies Date
P Antivirus / Security / Privacy 2
Paul Wagenseil Antivirus / Security / Privacy 1
Paul Wagenseil Antivirus / Security / Privacy 0
Paul Wagenseil Antivirus / Security / Privacy 1
Colif Antivirus / Security / Privacy 0
Paul Wagenseil Antivirus / Security / Privacy 0
saiuppudi Antivirus / Security / Privacy 0
SHIRO-XIV Antivirus / Security / Privacy 1
shiroyasha_ Antivirus / Security / Privacy 0
T Antivirus / Security / Privacy 3
Marshall Honorof Antivirus / Security / Privacy 0
Paul Wagenseil Antivirus / Security / Privacy 0
A Antivirus / Security / Privacy 8
T Antivirus / Security / Privacy 3
A Antivirus / Security / Privacy 2
K Antivirus / Security / Privacy 2
J Antivirus / Security / Privacy 9
_dawn_chorus_ Antivirus / Security / Privacy 3
D Antivirus / Security / Privacy 1
7 Antivirus / Security / Privacy 1

Similar threads


ASK THE COMMUNITY