# Encryption: Password-Protected Archives Every backup is stored as a ZIP archive that is automatically encrypted with a unique, system-generated password. This ensures that your backup data remains confidential and tamper-proof. ## Encryption Standards The archive is built using [ZIP File Version 5.2](https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-5.2.0.txt) combined with [AES-256](https://en.wikipedia.org/wiki/Advanced_Encryption_Standard) encryption—one of the strongest encryption methods available. > **Note:** Many built-in ZIP utilities (e.g., Microsoft Windows Compressed Folders) do not support AES encryption. For optimal compatibility, we recommend third-party tools such as [7-Zip](https://www.7-zip.org/). ## Double-Archive Method To protect filenames, Cloudback embeds one ZIP archive inside another. Filename encryption is introduced in [ZIP File Format Specification 6.2](https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.2.0.txt). We use version 5.2 for better compatibility while still protecting your filenames. ## Managing Encryption Settings For customer managed storages, you have the option to disable archive encryption: * **Disabling Encryption:** Edit your customer managed storage settings and select `ZIP archive without password protection`. > **WARNING:** Disabling encryption requires that you implement alternative measures to secure your data. * **Enabling Encryption:** To ensure maximum security, choose `Password-protected ZIP archive`. ![Setting up archive type](https://2781059148-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQEI7SjBF2CddqNXZpCoE%2Fuploads%2Fgit-blob-f946de2ee2ff52e1ef180991232c1e5a8d8e3f17%2Foptional-password.png?alt=media) Cloudback-managed storages always enforce password protection to maximize data safety. ## Archive Sample & Password You can download a sample archive to test your extraction tools: * **Download:** [bee12062e5d741b1baf334088c2c980d.zip](https://github.com/cloudback/docs/raw/refs/heads/master/static/features/bee12062e5d741b1baf334088c2c980d.zip) * **Password:** `c8f42392e86e4f7fbe8b4adf7ec65694` ![Archive encryption method](https://2781059148-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQEI7SjBF2CddqNXZpCoE%2Fuploads%2Fgit-blob-9a6fb82e6e19560eadd2f893dc6bd3c560f098cd%2Fzip-aes.png?alt=media) ![Archive password](https://2781059148-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQEI7SjBF2CddqNXZpCoE%2Fuploads%2Fgit-blob-ed713012afba8741a2691ecaf0b653de64580573%2Fzip-password.png?alt=media) ![Archive content](https://2781059148-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FQEI7SjBF2CddqNXZpCoE%2Fuploads%2Fgit-blob-9bb7314cb378a759b8f6c1f518b54f67852a2843%2Fzip-content.png?alt=media) ## Learn More * [Customer Managed Storages](https://docs.cloudback.it/storage-configuration/customer-managed-storages) * [Restoring a Backup](https://docs.cloudback.it/data-restoration/restoring-a-repository) * [Data Deduplication](https://docs.cloudback.it/managing-backups/data-deduplication)