Password Strength Checker
Type to check strength...
Entropy: 0 bits
Estimated Time to Crack:
Brute Force:
N/A
Phishing:
Seconds to Minutes (if user falls for it)
Credential Stuffing:
Seconds to Minutes (if password is reused)
Password Spraying:
Seconds to Minutes (if password is common)
The Science of Password Strength (Entropy)
Password strength is measured by entropy, which indicates its randomness and unpredictability. Higher entropy means a stronger, harder-to-crack password.
The formula used is: Entropy (in bits) = L × log₂(N)
- L: Length of the password.
- N: Number of possible characters (character set size). This value increases based on the types of characters used:
- Only lowercase (a-z): N = 26
- Lowercase + numbers (0-9): N = 36
- Lowercase + uppercase (A-Z) + numbers: N = 62
- Lowercase + uppercase + numbers + special characters: N ≈ 94 (includes common symbols)
Password Strength Levels:
- Very Weak: Less than 25 bits
- Weak: 25 to 50 bits
- Okay: 50 to 75 bits
- Good: 75 to 100 bits
- Excellent: More than 100 bits
* Cracking time estimates for Brute Force assume a powerful attacker capable of ~1 trillion (10^12) guesses per second. Other methods depend on human error and common password lists.
0 Comments