MainspringGuides › Password-protect zip
macOS Guide

How to Password Protect a Zip File on Mac

Updated July 2026 · 3 min read

Right-click → Compress makes a zip, but nowhere in Finder can you give it a password — the option simply doesn’t exist. macOS still ships everything you need, though: the zip command in Terminal creates password-protected archives, and Disk Utility builds properly encrypted containers when the contents actually matter.

Method 1: zip -er in Terminal

  1. Open Terminal (Spotlight → type “Terminal”).
  2. Move to the folder that contains what you’re zipping. Type cd, a space, then drag the enclosing folder from Finder into the Terminal window and press Return — the path fills in for you.
  3. Run the command below, swapping in your own names.
# -e = encrypt (asks for a password), -r = include folder contents
zip -er Secure.zip "Project Folder"
# Enter password:  (typing is invisible — that's normal)
# Verify password:
# undo: delete the archive you just made
rm Secure.zip

Nothing appears as you type the password — Terminal hides it by design; just type and press Return. The result is a normal .zip that any platform can open: double-clicking it on a Mac makes Archive Utility ask for the password, and Windows’ built-in extractor prompts too. Your original files are untouched — the password applies only to the copies inside the archive, so delete the archive and you’re back exactly where you started.

For a single file, drop the -r: zip -e Secure.zip statement.pdf. Before you send the archive anywhere, prove the password took and the archive is intact:

# test the archive — asks for the password, checks every file
unzip -t Secure.zip

If that prompts for the password and reports “No errors detected”, you’re good to send. Skip this check and the first person to discover a typo’d password or a truncated upload will be your recipient.

Know what zip encryption doesn’t protect

Standard zip password protection (ZipCrypto) is decades old and genuinely weak — cracking tools work through it quickly, and the file names inside the archive are visible to anyone without any password at all. Treat a passworded zip as a courtesy lock: fine for keeping a document from casual eyes in transit, wrong for anything you’d mind leaking. That’s not a reason to skip it — it’s a reason to match the tool to the stakes.

Method 2: an encrypted disk image (the strong option)

When the contents are actually sensitive — tax records, ID scans, client data — build an AES-encrypted disk image instead. It’s all built in:

  1. Open Disk Utility (Applications → Utilities).
  2. Choose File → New Image → Image from Folder… and select the folder to protect.
  3. Set Encryption to 256-bit AES and enter a strong passphrase when prompted.
  4. Set Image Format to read-only (a sealed snapshot) or read/write (a vault you can keep adding to), then click Save.

The result is a .dmg that mounts like a tiny drive after the passphrase — real encryption, file names hidden, no third-party software. Uncheck “Remember password in my keychain” at the prompt if other people use your Mac, otherwise the vault opens without asking. To undo, just delete the .dmg. The one trade-off: only Macs open DMGs natively, so use Method 1 when the recipient is on Windows — or, for cross-platform strong encryption, a free tool like Keka can create AES-256 encrypted 7z archives.

More security, fewer commands

While you’re locking things down, Mainspring puts 90+ hidden macOS settings — including privacy and security tweaks usually buried in Terminal — behind labelled, reversible toggles.

Try Mainspring free →

Signed & notarized by Apple · 1-day free trial · $29 once

Before you send it

Share the password over a different channel than the file — if the zip goes by email, the password goes by text or in person. And if what you really want is to keep files safe on your Mac rather than in transit, start with FileVault, which encrypts the whole disk.