I had some little surprise last week with this zip file: http://depositfiles.com/files/8389707

The password I used was "5be890c219b0a837600e5fbb7ae8a2505be890c219b0a837600e5fbb7ae8a250" but surprisingly you can unzip it with a much shorter password "tdc4Dl" too.

Winzip password protection was never secure but who could have thought it would be this easy to create a collision?

Heh, that's really interesting.
A passwordcracker would be able to eventually crack it by finding that short password (wich would still take long, but it's doable) eventhough the real password is pretty big and "secure".

Yeah actually that was how I discovered the short password

mwoaaahh lets take 1234 as password then, much easier to remember