I like the idea, but... Here is a quick list of things to think about and if some of this has already been mentioned, sorry. Speed: Encryption speed has been mentioned. For short scripts this may not be a problem, although algorithms implemented in C would be faster. Strength: Passwords are [very] weak, especially if of the 6-10 alphanumeric variety. True secret keys where all bit combinations are used is stronger. Entering passwords has been mentioned but I believe only passwords were assumed. It is better to not provide any encryption than to lure novices into believing they are secure when they are not. Algorithms: Be sure to choose good ones and allow for changing later. Key distribution: How to distribute secret keys beyond a small group of friends is problematic. In short it doesn't scale. Looking to public-private key pairs can be equally problematic. This can get you into encryption certs, but *how* you use them correctly differs from signing certs. More on this later if you want. ZIP: Look beyond just zip files. A scheme that works for any/all files in the distribution, not just ZIPs, would be better. (IIRC there have been problems with encrypted zips, but that was years ago. Those issues may have been fixed.) Short version: Doing this right is hard. Simply supporting a password based ZIP file is, in my opinion, not real protection. Gotta go. Later. Larry