Password Strength & Time-to-Crack
Analyze your password's strength and see how long it would take to brute-force. Never sent to any server.
Your password is analyzed entirely in your browser. It is never sent to any server or stored anywhere.
About This Tool
The Password Strength Checker calculates the entropy of your password and estimates how long it would take to crack using a brute-force attack. Entropy is measured in bits each additional bit doubles the search space. The tool analyzes character set size, password length, common patterns, and dictionary words to give you a realistic strength score. Your password is analyzed entirely in your browser and never transmitted anywhere.
How to Use
- Type your password into the input field. The strength meter updates in real time as you type.
- Review the entropy score (bits), crack time estimate, and strength rating.
- Check the suggestions panel for specific improvements adding symbols, increasing length, etc.
- Use the Password Generator to create a stronger replacement if needed.
Frequently Asked Questions
What is password entropy?
Entropy measures unpredictability in bits. A password chosen from a 94-character set (all printable ASCII) at 16 characters has ~105 bits of entropy. Higher entropy means exponentially more guesses required to crack doubling entropy squares the crack time.
Is it safe to type my real password here?
Yes. The strength analysis runs entirely in JavaScript in your browser. Your password is never sent to any server. However, as a general practice, it's good habit to use a similar but not identical password for testing.
What score should I aim for?
Aim for at least 60 bits of entropy for general accounts and 80+ bits for financial accounts and email. Random passwords from a generator will always outperform memorable passwords of the same length.