This project is read-only.

password protection is not working

Aug 25, 2009 at 6:41 AM


I did expect that a zip file protected by a password could not be opened without entering that password. In my code I try to set a password but it has no effect. Does someone see what I am doing wrong? Thanks.


                        if (Directory.Exists(path)) zip.AddDirectory(@path, mapPath);

                        string exportFile = eFile.ExportPathName + eFile.ExportFileName + ".zip";

                        if (!eFile.ExportPassword.Equals("")) // set pw and encryption only if a password was entered
                            zip.Password = eFile.ExportPassword;
                            zip.Encryption = EncryptionAlgorithm.WinZipAes256;
                        zip.CompressionLevel = CompressionLevel.BEST_COMPRESSION;


Aug 25, 2009 at 7:03 AM
Edited Aug 25, 2009 at 7:06 AM

Here's what you're doing wrong:  you are failing to read the fine manual.

The doc for ZipFile.Password says, in part: 

When writing a zip archive, this password is applied to the entries, not to the zip archive itself. It applies to any ZipEntry subsequently added to the ZipFile, using one of the AddFile, AddDirectory, or AddItem methods. When reading a zip archive, this property applies to any entry subsequently extracted from the ZipFile using one of the Extract methods on the ZipFile class.

When writing a zip archive, keep this in mind: though the password is set on the ZipFile object, according to the Zip spec, the "directory" of the archive - in other words the list of entries contained in the archive - is not encrypted with the password, or protected in any way. If you set the Password property, the password actually applies to individual entries that are added to the archive, subsequent to the setting of this property.

The same applies to CompressionLevel, Encryption, and so on.  These things apply to entries, and so any change you make to those values on the ZipFile object, is effective for all zip entries added to the zipfile subsequent to the change.



Aug 25, 2009 at 8:48 AM

Thanks for that quick reply and sorry for not finding that section in the docs (I still can't see it, is there a search function?)

Okay , the protection applies to the entries (in my case the directory) within the zip file. So I would expect, the files within the zip cannot be opened without entering the password. But I can open all files except those in the deepest folder - they are protected, all other files are not ... looks strange to me ...

What needs to be done to protect the zip file itself?




Aug 25, 2009 at 10:46 AM
Edited Aug 27, 2009 at 8:30 AM

Okay, I did it in a different way, which also allows to hide the file listing. There might be a better solution but  this one was quick and does the job:


1. create a temp zip file with compression and no protection for the folder(s)

2. put this temp zip file in the final zip file with no compression but with encryption and password

3. delete the temp zip file




PS: Thanks for your work. Saved me.