Quite a few cryptographic insecurities

I just searched “AES encryption” on Github to see what poor implementations of AES I could find and I came across your implementation.

There’s quite a few issues with how you’re using it here.

1. Insecure initialization vector – I’ll leave this to you to figure out why not picking a secure random IV for every encryption you do is bad. “16CHARSLONG12345” is most definitely not a secure, random IV.
2. Insecure password hashing – Use a stronger hashing function like Bcrypt, scrypt, or pbkdf2.
3. Unauthenticated cipher mode – You’re using CBC without any authentication of any kind. Look into using CBC with HMAC or a different AEAD like GCM mode or using libsodium’s SecretBox.
4. Ideally, you would derive different keys for each file. It looks like you’re using the same key for every file.

There’s probably more, but this was a quick look over.

Checkout “Cryptography Engineering” by Bruce Schneier and Niels Ferguson to learn how to safely and properly implement cryptographic functions like this.