IT suggests zipping confidential PDFs with a password before emailing them. Your accountant is happy to receive PDFs but doesn't know what to do with .zip files. Which approach is actually safer?
What each one does
A password-protected PDF uses AES-256 (in modern tools) to encrypt the PDF content stream. A password-protected ZIP uses AES-256 (in modern archive tools) to encrypt each file inside the archive.
Cryptographically, both are strong. The difference is in tooling, defaults and recipient experience.
Where PDF wins
Recipients open PDFs natively in any browser, mail client or document reader. No extra software. The encryption layer is part of the PDF spec, so even mobile viewers handle it.
Flint's password tool applies AES-256 in your browser, no install. The recipient just sees a normal PDF that prompts for a password.
Where ZIP wins
If you're sending multiple files together — a PDF plus supporting Excel and Word documents — a single encrypted ZIP packages them in one shot. Smaller download, single password, single decryption step.
But: some ZIP tools default to the old ZipCrypto algorithm (weak; broken since 1990s). Insist on AES-256 in your archive software's settings. Mac's native Archive Utility uses ZipCrypto — you need Keka, 7-Zip or similar for AES.
The practical answer
For a single PDF: encrypt the PDF directly. For a mixed bundle: zip with AES-256 password.
For either, follow the same distribution rule — file by one channel, password by another. The cipher doesn't matter if both halves arrive in the same inbox.
FAQ
Will a ZIP password protect a PDF inside it?
Yes, if the ZIP is AES-encrypted. Both layers of password don't add much — pick one and use it properly.
Can I email an encrypted ZIP through corporate mail filters?
Many filters quarantine encrypted attachments because they can't scan for malware. Check your corporate policy before relying on ZIP.
Does macOS Archive Utility use AES?
No, it defaults to ZipCrypto. Use Keka, 7-Zip on Windows, or a paid tool for AES ZIPs.
Which is better for sending to lawyers?
Most law firms prefer encrypted PDFs because every paralegal can open one without installing anything. ZIPs need extra software on the receiving end.
For a single PDF, lock the PDF. Flint's password tool handles it in seconds.