How secure is 7z encryption?

7-zip (or any other similar utilities) encryption is designed to protect archived files. So, as long as the tool designers did their job well, you are safe for the second case (somebody getting his hand on the encrypted file and trying to crack it).

However, such utility are not designed to protect you against your first mentioned case (someone getting access to your account data on your machine and/or you accessing the file content regularly). Indeed, someone having taken a full (or even just minimal, no need to escalate privileges) access to your system will see you use this file and will also be able to capture your keystrokes while you type your password. Even worse: an attacker will actually will not even have to bother with this since the file will most probably be present in clear form in your Windows Temp directory.

So, for your first threat, I would definitively recommend you to use a tool designed for this usage, like KeePass which will avoid to store decrypted data in temporary files and will provide a minimum protection when typing the password.


To continue with the aggressive scenario.

It could be assumed that the original text file is deleted and with knowledge of the temp file it too can be deleted.

However there are a few tools that find deleted files and can easily recovered them unless you use a "shredding" program that fills the "blank" spaces on the drive with random bits overwriting the original information.

While your zip hiding method would be useful against the casual computer user, a serious perpetrator could utilize this software, recover the deleted information and access the sensitive file.

Even though you have misleading names on your text file the "hacker" would likely recover all the deleted files they could find and use a tool to quickly search any plain text files for key words or numbers relating to banking.


The problem with using 7z or other such software to save encrypted text file with bank detail is that when you need the data, you will have to open the file and unzip it. At that time 7z will dump an unencrypted copy of it in Windows temp directory. You (or 7z software) will need to wipe the temp directory properly every time you open the file.

This isn't the best solution for saving bank details. Use software particularly designed for this. I would suggest use Keepass instead. You won't have to deal with anything unencrypted being dumped in Windows temp directory.