PeaZip is a free file archiver especially focused on security which
supports reading and writing (encryption and decryption) of many strong
optionally using two factor
authentication (password and keyfile) for increased security
against means like social engineering
or dictionary based attacks (that
can considerably reduce the effort of brute-forcing a textual password
Use of end-to-end
cryptography, in which sender and recipient are in
charge of encrypting and decrypting the encoded data, is strongly
each time data is sent to (or through) external servers, even if the
service is advertised implementing cryptography measures.
In example, creating encrypted mail
attachments (and to encrypt uploads to cloud services) preserve
data secrecy against any unauthorized access to user's private
information and data even in case the service is
compromised, either by successful attack, insider breach, or plain
change of policies granting access to unwanted subjects.
Cryptographic protocols supported by PeaZip for writing
(creating password protected archives) are:
PeaZip supports (read-only) decryption of ACE, and RAR archives.
- 7-Zip / p7zip
- WinZip AE (Advanced
- ZipCrypto, for
legacy compatibility purpose only as the algorithm is considered weak
under today's standards
- FreeARC ARC format implementing
encryption scheme that supports AES256, AES contest finalists
Twofish256 and Serpent256 algorithms, and classic Blowfish algorithm
- PeaZip's native .pea file format,
supporting AES, Serpent and Twofish (128 and 256 bit) EAX-mode
authenticated encryption, enforcing
cryptographically strong data secrecy and verifiable autenticity
To password protect files within archives, chose an archive type
supporting encryption, as ZIP, 7Z, ARC, and PEA, add files to the
archive being created as explained in the FAQ page, then click on the
padlock icon to
set a password and optionally
a keyfile for the archive -
the icon is in the status bar in the file/archive browser, and under
the output file name in the archive creation interface.
provides an integrated utility to create
random keyfiles and
passwords sampling entropy from the system and from user's
interaction, Crtl+F9 or main applications' menu Tools > Create
random password / keyfile
PeaZip's password manager is
available from main menu, Tools > Password manager.
The password list file is saved in private user's path, allowing each
user to maintain a personal password manager containing different
passwords or passphrases not accessible to other standard users of the
Optionally, the user can decide to encrypt the password list with a
master password, making the passwor manager private even to
administrative accounts of the same machine, being the data file
unreadable until the correct password is provided.
archive types, like 7Z and ARC, support encrypting
added to the archive: in this case it will not even be
possible to see the list of archive's content, file and directory
names, without knowing the password.
ARC, ZIP, and ZIPX archives support file
level encryption, so each file
in an archive could have, if desired by the archive creator, a
In "Advanced" tab of archive creation interface users can chose
encryption method to apply to the archive: by default the recommended
method will be displayed.
If a password is already set (i.e. because adding files to an already
encrypted existing archive) it will be reported to the user in the
archive creation interface.
information about encryption
External online resources: NIST
Information Technology Portal, Wikipedia
entry for encryption,
description of Rijndael/AES, Twofish, Serpent ciphers.
Topics and serach suggestions: create
encrypted files, NIST Advanced Encryption Standard, Rijndael/AES
EAX mode, Twofish encoding, Serpent algorithm,
apply cryptography, symmetric key block cipher, encode / encrypt files
Windows and Linux systems,
encrypted archives, encoded data, set encryption password protection
generator, password manager, open source strong encryption software,
archives, how to encode 7z files.