#1404 Secure ZIP encryption should be default, warn about or disable insecure encryption

Status: open
Owner: nobody
Labels: None
Priority: 5
Updated: 2014-08-18
Created: 2014-03-09
Creator: Hanno Böck
Private: No

When using the 7-Zip GUI and creating a password-protected / encrypted ZIP file, the default is currently to use "ZipCrypto". What that means is that the original PKZIP encryption is used, which has been broken since 1994. I'd strongly suggest changing the default to AES-based encryption. I consider it dangerous behaviour to knowingly provide an "encryption" to the user that is broken.

Personally I think the option to "encrypt" with an insecure algorithm shouldn't be provided at all in an application except for debugging purposes, so my advice would be to just disable the feature altogether. At the very least it should have a very clear warning that it's not a secure encryption (e.g. rename it to "ZipEncrypt (not secure)" or something similar).
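As an added example (not part of the ticket and not 7-Zip's own code), a small Python checker that walks a ZIP central directory and reports, per entry, whether it is stored in the clear, encrypted with the WinZip AES scheme (compression method 99 plus a 0x9901 extra field) or with the legacy ZipCrypto stream cipher the ticket objects to. The sample archive it builds is constructed in memory with dummy entry bodies, since only the headers matter for this classification.

```python
import struct
EOCD_SIG, CDIR_SIG, LOCAL_SIG = 0x06054B50, 0x02014B50, 0x04034B50
AES_METHOD, AES_EXTRA_ID = 99, 0x9901  # WinZip AES: method 99 plus a 0x9901 extra field
AES_BITS = {1: 128, 2: 192, 3: 256}     # strength byte in that extra field
CDIR_FMT = "<IHHHHHHIIIHHHHHII"         # 46-byte central directory file header

def aes_strength(extra):
    """Key size named by a 0x9901 extra field, or None if the entry is not AES."""
    pos = 0
    while pos + 4 <= len(extra):
        hid, size = struct.unpack_from("<HH", extra, pos)
        body = extra[pos + 4:pos + 4 + size]
        if hid == AES_EXTRA_ID and len(body) >= 7:
            return AES_BITS.get(body[4])  # body: version(2) "AE"(2) strength(1) method(2)
        pos += 4 + size
    return None

def classify_entries(data):
    """Return [(name, label)] for each central-directory entry of an in-memory ZIP."""
    eocd = data.rfind(struct.pack("<I", EOCD_SIG))
    if eocd < 0:
        raise ValueError("no end-of-central-directory record")
    count, _cd_size, pos = struct.unpack_from("<HII", data, eocd + 10)
    results = []
    for _ in range(count):
        f = struct.unpack_from(CDIR_FMT, data, pos)
        flags, method, name_len, extra_len, comment_len = f[3], f[4], f[10], f[11], f[12]
        name = data[pos + 46:pos + 46 + name_len].decode("cp437")
        extra = data[pos + 46 + name_len:pos + 46 + name_len + extra_len]
        pos += 46 + name_len + extra_len + comment_len
        bits = aes_strength(extra) if method == AES_METHOD else None
        if not flags & 0x1:  # general-purpose bit 0 clear: stored in the clear
            label = "not encrypted"
        else:                # flagged encrypted without an AES marker is legacy ZipCrypto
            label = f"AES-{bits}" if bits else "ZipCrypto (insecure)"
        results.append((name, label))
    return results

def build_sample_archive():
    """Constructed sample: one ZipCrypto, one AES-256 and one unencrypted entry."""
    aes_extra = struct.pack("<HHH2sBH", AES_EXTRA_ID, 7, 2, b"AE", 3, 8)
    specs = [(b"legacy.txt", 1, 8, b""), (b"aes.txt", 1, AES_METHOD, aes_extra), (b"plain.txt", 0, 8, b"")]
    payload = b"\x00" * 8  # dummy entry bodies; only the headers matter for classification
    local = central = b""
    for name, flags, method, extra in specs:
        hdr = (flags, method, 0, 0, 0, len(payload), len(payload), len(name), len(extra))
        central += struct.pack(CDIR_FMT, CDIR_SIG, 20, 20, *hdr, 0, 0, 0, 0, len(local)) + name + extra
        local += struct.pack("<IHHHHHIIIHH", LOCAL_SIG, 20, *hdr) + name + extra + payload
    eocd = struct.pack("<IHHHHIIH", EOCD_SIG, 0, 0, len(specs), len(specs), len(central), len(local), 0)
    return local + central + eocd
```

Run `classify_entries(open(path, "rb").read())` on a real archive to audit it the same way; any entry labelled "ZipCrypto (insecure)" is protected only by the 1994-broken cipher.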

Discussion