Password Strength Checker
Analyze your credentials' resistance to modern GPU dictionary-cracking scripts.
Diagnostics & Suggestions
- ✕ Input password to begin checks.
Est. Offline Crack Time
Calculated assuming a standard hash brute-force index rate of 100 billion checks per second (GPU rig) and 10 million checks per second (CPU).
Lengthen, don't overcomplicate.
Modern security audits show that password length is much more protective than swapping letters with numbers (e.g. replacing 'e' with '3'). A 16-character lowercase sentence is significantly harder to break than an 8-character complex password containing symbols, due to exponential character choices.
What is the Password Strength Checker?
The Password Strength Checker evaluates the complexity of passwords locally in your browser. It calculates the character pool size and measures the bits of entropy. This helps users verify if their credentials can withstand offline GPU cracking rigs.
How it Works
The tool scans the input string for character classes (uppercase, lowercase, numbers, symbols) to determine the pool size (R). It then calculates Shannon Entropy ($E = L \times \log_2(R)$) and runs checks for common dictionary patterns.
Benefits of local generation
- Local evaluation: Your password never leaves your browser.
- Calculates bits of entropy.
- Displays estimated time to crack.
Security Information
No network requests are sent. Calculations are computed in memory and cleared instantly.
Best Practices
- Aim for a strength rating of 'Strong' or 'Guaranteed Secure' (80+ bits).
- Avoid dictionary words or keyboard walking patterns.
- Verify the password on our Breach Checker to ensure it hasn't leaked.