# How to Password Protect a ZIP File (Windows, Mac, Online) - url: https://www.tryplox.com/blog/how-to-password-protect-a-zip-file - date: 2026-06-24 - tags: Security, How-to, File Sharing, Basics - excerpt: How to password protect a ZIP file with 7-Zip on Windows, the zip -e command on Mac, or online. Plus ZIP password limits and a safer way to share. To password protect a ZIP file, use 7-Zip on Windows (right-click, 7-Zip, Add to archive, set a password with AES-256) or the Terminal command `zip -er archive.zip folder` on Mac. Both encrypt the file so it cannot open without the password. Online tools work too, but never upload sensitive documents to them. ## How do you password protect a ZIP file? The fastest reliable method is a free archiver: 7-Zip on Windows or the built-in `zip` command on Mac. Pick AES-256 encryption, set a strong password, and send the password through a different channel than the file itself. Windows File Explorer cannot password protect a ZIP on its own. The old "Encrypt contents" checkbox in the legacy compressed-folder tool got removed years ago, so you need a third-party app. Mac handles it from the Terminal with nothing to install. Below are accurate, current steps for each platform, the real limits of ZIP passwords, and a better way to share confidential files when you need to know who opened them. ## How to password protect a ZIP file on Windows (7-Zip) 7-Zip is free, open source, and supports strong AES-256 encryption. It is the most dependable option on Windows. 1. Download and install [7-Zip](https://www.7-zip.org/) from the official site. 2. Select the files or folder you want to compress, then right-click them. 3. Choose **7-Zip** then **Add to archive** from the menu (on Windows 11 you may need **Show more options** first). 4. In the dialog, set **Archive format** to `zip`. 5. In the **Encryption** box on the right, type your password twice. 6. Set **Encryption method** to `AES-256`. 7. Click **OK**. Your ZIP is now encrypted. Anyone who tries to open it gets a password prompt before they can see the contents. One caveat. With the standard ZIP format, AES-256 encrypts the file contents but the file names inside the archive may still be visible. If even the file names are sensitive, use 7-Zip's own `.7z` format instead and tick **Encrypt file names**. ## How to password protect a ZIP file on Mac (Terminal) macOS has no checkbox for this in Finder, but the built-in `zip` command does it in one line. Nothing to install. 1. Open **Terminal** (Applications then Utilities, or search with Spotlight). 2. Move into the folder that contains your files: ``` cd ~/Documents ``` 3. Run the encrypt command, naming your archive and the file or folder to add: ``` zip -er secure.zip MyFolder ``` 4. Type the password when prompted, then type it again to confirm. The `-e` flag turns on encryption and `-r` includes everything inside the folder. The result, `secure.zip`, will not open without the password on any computer. If you prefer a graphical app, [Keka](https://www.keka.io/en/) is a well-regarded free Mac archiver: open it, choose ZIP, set a password, then drag your files in. One thing to watch. The native macOS `zip` command uses the older ZipCrypto standard, which is weaker than AES-256. For genuinely sensitive files on Mac, use Keka or 7-Zip (via the command line) and choose AES-256. ## Can you password protect a ZIP file online? Yes. Browser-based tools like WinZip's web app, or various "encrypt ZIP online" sites, let you upload files, set a password, and download an encrypted archive without installing anything. Use them only for low-stakes files. Uploading a contract, cap table, or customer list to an unknown third-party server hands your unencrypted data to that server before it ever gets encrypted. For anything confidential, encrypt locally with 7-Zip or Terminal instead. ## How secure is a password-protected ZIP file? That comes down to the encryption method and the password. - **AES-256** (7-Zip, Keka, WinZip) is strong. A long, random password is effectively uncrackable with current technology. - **ZipCrypto** (the legacy ZIP standard, used by the default Mac `zip` and older tools) is weak and can be broken with freely available software, especially if an attacker has any unencrypted copy of one file in the archive. - A weak password defeats even AES-256. "Project2026" falls to a dictionary attack in seconds. Use a long passphrase or a password manager. So a ZIP can be plenty secure if you choose AES-256 and a strong password. The encryption is rarely the real weak point, though. The bigger problem is everything that happens after you hit send. ## The limits of password-protecting a ZIP A password on a ZIP file protects the file at rest. It does nothing about how that file moves through the world, and that is where confidential documents actually leak. - **You still have to share the password.** Email it next to the file and you have protected nothing. Send it over Slack or text and it lives in a chat history you do not control. - **No tracking.** Once someone has the ZIP and the password, you have zero visibility. You cannot tell if they opened it, when, or whether they read past the first page. - **No revoke.** A password cannot be un-shared. The moment it leaks to one extra person, every copy of that ZIP is exposed and there is nothing you can do. - **No expiry.** The file works forever. A ZIP you sent during a deal that fell through two years ago still opens today with the same password. - **Easy to forward.** The recipient can pass the file and password to anyone. There is no per-person control and no watermark tying a leaked copy back to whoever shared it. - **All or nothing.** Whoever has the password sees every file inside. You cannot grant page-level or file-level access. For sending photos to family or handing in a class assignment, a ZIP password is fine. For documents tied to a fundraise, an acquisition, or a customer contract, you need control that survives after the file leaves your machine. ## A better way: share confidential files with a secure link Skip the zip-encrypt-email dance with a static file you can never take back. Share the documents as a secure, trackable link instead. Plox is a secure document sharing and virtual data room platform for founders, investors and dealmakers, built for exactly this. You upload the files once and share a link. The link never changes, so you can swap the file behind it anytime, and you keep full control of who can open it and what they can do. - **Passcode and email verification** gate the link, so only the right people get in, with no separate password to leak alongside the file. - **Link expiry and one-click revoke** mean access ends when you want it to. Kill a link the instant a deal dies or a person leaves. - **Per-viewer dynamic watermarking** stamps every page with the viewer's email, so a leaked screenshot points straight back to the source. - **Page-by-page analytics** show you who opened the document, how long they spent on each page, and whether they finished, with real-time notifications the moment someone views it. - **Allow or deny download** lets people read in the browser without ever holding a copy they can forward. You get the security a ZIP password is supposed to provide, plus the tracking, revoke, and expiry it never could. Plox has a genuine free plan: secure links, analytics, and real-time view notifications, no credit card and no time limit. Watermarking and data rooms are on the paid plans (see [/pricing](/pricing) for current numbers). For a deeper walkthrough of access controls, see how [Plox document control](/document-control) handles passcodes, expiry, NDA, and download permissions in one place. ## Frequently asked questions ### Can I add a password to an existing ZIP file? Not directly. The standard ZIP format does not let you bolt a password onto an already-created unencrypted archive. Recreate it with encryption: extract the files, then re-zip them with a password using 7-Zip (Windows) or `zip -er` (Mac). If you only have the ZIP, unzip it first, then make a new encrypted archive from the contents. ### How do I password protect a ZIP without installing software? On Mac you need nothing extra. The built-in Terminal command `zip -er archive.zip folder` works out of the box. Windows has no fully native option since File Explorer cannot set a ZIP password, so you either install a free tool like 7-Zip or use an online encryptor, which we only recommend for non-sensitive files. ### Is AES-256 ZIP encryption safe enough for confidential documents? The encryption itself is strong. AES-256 with a long, random password is not realistically crackable today. The weak point is everything around it: sharing the password safely, knowing who opened the file, and being able to revoke access. For confidential business documents, encryption alone falls short, which is why a trackable, revocable secure link is a better fit. ### What is the difference between a ZIP password and ZipCrypto vs AES-256? A "ZIP password" can use one of two encryption schemes. ZipCrypto is the old default: widely compatible but cryptographically weak and crackable. AES-256 is the modern standard, strong, and the one you should always select. The native macOS `zip` command uses ZipCrypto, while 7-Zip, Keka, and WinZip let you choose AES-256. ### I forgot my ZIP password. Can I recover it? There is no built-in recovery. If you chose AES-256 with a strong password, the file is effectively unrecoverable, which is the point. This is one more reason that, for documents you need ongoing access to and control over, a managed secure link beats a static encrypted file you can lock yourself out of permanently. ### How can I track who opens a file after I send it? A ZIP file cannot do this. Once it leaves your outbox you are blind. To see who opened a document, when, and how far they read, share it as a tracked link instead. Tools built for this, like Plox, give you page-by-page [document control and analytics](/document-control) with real-time notifications, plus per-viewer watermarks so any leak is traceable. Want control that does not end when the file leaves your machine? [Share securely with Plox](/) for free: secure links, analytics, and real-time notifications, no credit card required. For related reading, see [how to securely store documents](/blog/how-to-securely-store-documents) and [how to send a ZIP file via email, cloud and more](/blog/send-zip-file-via-email-cloud-and-more).