What Makes a Password Strong?
Password strength is measured in bits of entropy — the mathematical randomness of your password. A good password has 60+ bits of entropy, uses a mix of character types, and avoids common patterns and dictionary words.
What Our Tool Measures
- Entropy (bits of randomness)
- Estimated crack time (from milliseconds to centuries)
- Character set analysis (uppercase, lowercase, numbers, symbols)
- Pattern detection (keyboard walks, repeated characters, sequences)
- Common password database comparison (top 10,000 leaked passwords)
- Percentile ranking against global password strength
How Crack Time Is Calculated
We estimate how long a modern GPU cluster would take to brute-force your password. This accounts for your password length, character set, and any detected patterns that reduce effective entropy.
Tips for Better Passwords
- Use 16+ characters — length beats complexity
- Mix uppercase, lowercase, numbers, and symbols
- Avoid dictionary words, names, or dates
- Don't use keyboard patterns (qwerty, asdf, 123456)
- Use a unique password for every account
- Consider a passphrase: "correct horse battery staple" is stronger than "P@ssw0rd!"
Frequently Asked Questions
Does this tool store my password?
No. The analysis runs entirely in your browser. Nothing is sent to any server.
What's a good entropy score?
40-59 bits is moderate. 60-79 is strong. 80+ bits is excellent (centuries to crack).
Is "P@ssw0rd!" a strong password?
No. Despite using special characters, it's a common substitution pattern that password crackers detect instantly.