Instructions on how to Zip and Encrypt a file or folder

From ADA Public Wiki
Jump to navigation Jump to search

The guidance below will provide you with the details to zip and encrypt your files with a password prior to uploading them to the 'Shell Dataset'.

Mac OS Users

Apple Mac OS users should use the Apple Terminal Tab to create a password protected and encrypted .zip archive file in preparation for uploading to the dataset. The zip file can then be accessed by non-Apple Mac OS users with free software such as TheUnarchiver. Apple do provide other tools for zipping and encryption such as the Utility Disc, however it has been found that these methods can in some cases prevent the files from being accessed on non-Apple Mac OS' or can render file paths too long, preventing other users from downloading and decrypting the data.

File Zipping and Encryption Guidance Notes using Mac OS

To access the standard Apple Mac OS software and to create a zipped and password protected encrypted file, the following instructions can be used.

1. Navigate to the 'Applications' folder or press Command + Shift + A to open the folder. Then select the 'Utilities' folder from within the 'Applications' folder. 
2. Then select the 'Terminal' folder from within the 'Utilities' folder. 

The 'Terminal' tab will open with some basic information already presented to you. This includes the last login and the user details for the computer.

3. You now need to enter the instructions for the Terminal to create an encrypted and password protected zip file. To do this you need to type the command: zip -er ~/Desktop/Name_of_zip_file.zip

Note, there are spaces in the command after the word "zip", after the syntax "-er" and finally after the term ".zip".

  • The term "zip" is the command that tells the Terminal to create a zip file.
  • The term "-er" identifies that the zip file will be encrypted (e) with no file path (r).
  • The term "Desktop" has been entered in the example as the location that the chosen file will be sent to once it has been encrypted and zipped, you can identify another location if you would prefer.
  • The "Name_of_zip_file" term is the name of the final zip product that you want to create at the chosen file location. For Self-Deposits, the file name should adhere to the ADA Standard Naming Conventions. Complete the file name with the term ".zip " remembering that there is a space after the last letter of the word zip.
4. Now drag and drop the file that you want to zip and encrypt into the Terminal window, the text will auto-populate for you. Press the "Return" key once you have done this. 

You will now be prompted to enter and verify the password for the encryption, note that the password will not display and the cursor will not move to show that you have entered a character. In addition, if you use numbers keys that are also shared with special characters (i.e. the 1 key is also used for ! unless you use the Numbers keypad), the Terminal Tab may record the character 1 as !.

5. Enter a password for the file and press the "Return" key. Then repeat the password entry and press "Return" to verify the password.

The Terminal Tab will create the password protected zip file, depositing it into the location identified in your command. An example of a completed file command and the creation of the zip file, in this case on the desktop can be seen in the illustrations below.

You can now close the Terminal Tab or if you need to create additional password protected and encrypted zip files you can return to Step 3 to enter the required command instructions.

The password protected encryption will help to ensure that your data remains protected during the file upload process. Whilst the zipping ensures that the files formatting is retained and prevents Dataverse from adding functionality that the ADA do not utilise at the current time. Once the files and/or folders have been uploaded to Dataverse, the ADA recommends that users do not upload or email passwords with the zip files and folders as these could be intercepted in transit. It is best to call the recipient and relay the password over the phone. The ADA is planning on implementing a facility that will allow you to communicate passwords via SMS messaging. Additional guidance on this can be obtained through the section Transmission of Passwords via SMS when it becomes available.

Non Mac OS Users

For non Mac OS users, it is recommended by the ADA that all data files and certain supporting documents be encrypted using the 7-Zip open source software. This software is used by the ADA Staff and is free. This ensures that the files and folders are protected from unauthorised disclosure during the Dataverse upload process. The software creates a container called ‘archive’ that holds the files requiring protection. That archive container can then be encrypted and password protected. Copies of the software can be obtained via the links at https://www.7-zip.org/.

File Zipping and Encryption Guidance Notes using 7-Zip

1. Right click on the file to be encrypted and select “7-Zip” and then the “Add to archive…” option. 
2. In the Add to Archive window, change the name of the archive that you wish to create if the name differs from the file name selected. 
3. Change the Archive format to “Zip”.  
4. Change the Encryption Method to “AES-256”. There is a trade-off to be had between selecting AES-256 and ZipCrypto. AES-256 has been proven to be much more secure than ZipCrypto, but if you select AES-256 then the recipient of the zip file may also then have to install 7-Zip or another suitable program to read the file contents. The selection of ZipCrypto may allow users to open the zip file in Windows without a zip program, but it lacks in adequate protection when compared to AES-256. Since the ADA use 7-Zip, and the software is open source, it is the recommended encryption service for the Self-Deposit process. 
5. At this point, you will be prompted to enter a Password. Use a strong password with at least 8 characters containing both upper and lower case letters, and a minimum of one number. Then select “OK” to create the encrypted archive file. This file will be located in the same folder or area as the original file. If you do not enter a password, you will need to repeat the above steps to double-zip the file (or folder), otherwise the files formatting may be altered during the ingest process and the unwanted explorer function will be added.

The password protected encryption will help to ensure that your data remains protected during the file upload process. Whilst the zipping ensures that the files formatting is retained and prevents Dataverse from adding functionality that the ADA do not utilise at the current time.Once the files and/or folders have been ingested to Dataverse, the ADA recommends that users do not upload or email passwords with the zip files and folders as these could be intercepted in transit. It is best to call the recipient and relay the password over the phone. The ADA is planning on implementing a facility that will allow you to communicate passwords via SMS messaging. Additional guidance on this can be obtained through the section Transmission of Passwords via SMS when it become available.

Where the Data Owner wishes not to use the 7-Zip product they should contact ADA Staff to discuss the implications of using an alternative software package prior to uploading their files and folders.