Password Strength Checker — Entropy, Time to Crack
Quick Answer
Password strength is measured in entropy bits: a 12-character password with mixed case, digits, and symbols has about 72 bits of entropy, taking 6 million years to crack offline at 10^11 guesses per second, per NIST 800-63B guidance.
Your password never leaves your browser; all analysis runs locally.
The checker reports a strength rating, entropy in bits, time to crack offline at 10^11 guesses/sec, and the password's length and pool size.
How Password Strength Is Measured
Password strength is quantified as entropy, the number of bits of randomness an attacker would have to guess on average to find the password. The formula is entropy = length times log base 2 of the character pool size. A 10-character password drawn from 94 printable ASCII characters has 10 times 6.55 or about 65 bits of entropy, meaning an attacker must try roughly 2^64 passwords before a 50 percent chance of success. Entropy alone does not capture the full picture because humans pick predictable patterns like "Password1" or substitutions such as "p@ssw0rd", which reduce real-world strength far below the formula's estimate. This checker applies heuristic penalties for common patterns, dictionary words, and known breached passwords to give a realistic rating. The approach follows the principles in NIST Special Publication 800-63B, the US federal digital identity guideline. For related tools, see our password generator and UUID generator.
The Entropy Formula and Crack-Time Math
The theoretical search space of a password is P = pool^length, and the entropy in bits is log2(P) = length times log2(pool). Time to crack equals P divided by the attacker's guess rate. The canonical offline attack rate against fast hashes on a high-end GPU is roughly 10^11 guesses per second (Hashcat benchmarks on an RTX 4090 show MD5 at 164 GH/s, NTLM at 288 GH/s, and SHA-1 at 57 GH/s). At 10^11 guesses/sec, cracking all 2^60 passwords takes 2^60 / 10^11 = about 3,650 seconds, or roughly an hour; cracking all 2^72 takes about 500 years. A worked example: a 14-character password using only lowercase letters has 14 * log2(26) = 65.8 bits and falls to a dedicated GPU in about 26 days; the same 14 characters drawn from the full 94-character pool climbs to 91.6 bits and would survive for 87 billion years. Length matters more than any single character class.
Key Terms You Should Know
Entropy: the measure of unpredictability in bits; each bit doubles the search space.
Character pool: the set of characters allowed in the password; common pools are 26 (lowercase), 52 (mixed case), 62 (alphanumeric), and 94 (ASCII printable).
Offline attack: an attacker has the leaked password hash and can try guesses as fast as their hardware allows, with no server rate limiting.
Online attack: the attacker must send each guess to a server; the typical rate is 1 to 100 guesses per second before throttling kicks in.
Credential stuffing: using leaked username and password pairs from one site to log in to another, which is why password reuse is dangerous.
Passphrase: a sequence of random words, like correct-horse-battery-staple, which can reach 80+ bits of entropy while remaining memorable.
Key derivation function: a slow hash like Argon2id, bcrypt, or PBKDF2 that deliberately makes each guess expensive, reducing attacker speed by a factor of 10,000 or more.
Entropy and Crack Time — Reference Data
The table below shows representative entropy values and estimated offline crack times at 10^11 guesses per second, which approximates an attacker with a single high-end GPU cracking an unsalted MD5 or SHA-1 hash. Times are for the full keyspace; the expected time to crack is half this value. These numbers come from the standard entropy formula combined with Hashcat benchmarks published on its website. Note that if the target hash is bcrypt with a work factor of 12, the rate drops from 10^11 to roughly 10^4, which adds 7 orders of magnitude to every time below.
| Password | Length | Pool | Entropy | Time to crack |
|---|---|---|---|---|
| password | 8 | 26 | 37.6 bits | Instant (in top 10) |
| Tr0ub4dor&3 | 11 | 94 | 72 bits nominal | 3 days (dictionary) |
| 8 random lowercase | 8 | 26 | 37.6 bits | 2 seconds |
| 12 random mixed | 12 | 94 | 78.7 bits | 131,000 years |
| correct horse battery staple | 28 | Diceware | 44 bits | 55 hours |
| 7-word diceware | ~40 | Diceware | 90 bits | 391 billion years |
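The arithmetic behind the formula section and the table note above, as an added JavaScript example (the checker runs in the browser) that is not the page's own code: entropy from length and pool size, full-keyspace search time at a chosen guess rate, and the same cases re-run at the page's bcrypt work-factor-12 rate to show the slowdown. The pool table, both rates, and the sample cases are constructed from figures stated on the page; the humanized output format is an assumption of this example.

```javascript
// Added example, not the page's checker code: entropy and crack-time math
// from entropy = length * log2(pool) and time = 2^entropy / guess_rate.
// Rates and sample cases are assumptions mirroring figures on the page.

const POOLS = { lower: 26, mixed: 52, alnum: 62, printable: 94, diceware: 7776 };
const GPU_FAST_HASH = 1e11;   // guesses/sec: fast unsalted hash, one high-end GPU (page figure)
const BCRYPT_COST_12 = 1e4;   // guesses/sec: assumed rate against bcrypt work factor 12 (page figure)

// Entropy in bits for `length` symbols drawn uniformly from a pool of `pool` symbols
function entropyBits(length, pool) {
  return length * Math.log2(pool);
}

// Seconds to exhaust the full keyspace of 2^bits at `rate` guesses/sec.
// The expected time to a hit (50% chance) is half of this.
function fullSearchSeconds(bits, rate) {
  return Math.pow(2, bits) / rate;
}

// Coarse human-readable duration; anything under a second is "instant"
function humanize(seconds) {
  const units = [
    ['years', 365.25 * 86400],
    ['days', 86400],
    ['hours', 3600],
    ['minutes', 60],
    ['seconds', 1],
  ];
  if (seconds < 1) return 'instant';
  for (const [name, size] of units) {
    if (seconds >= size) {
      const n = seconds / size;
      return `${n >= 100 ? n.toExponential(2) : n.toFixed(1)} ${name}`;
    }
  }
}

// Entropy and full-keyspace crack time for one password shape at one guess rate
function crackTime(length, pool, rate = GPU_FAST_HASH) {
  const bits = entropyBits(length, pool);
  const seconds = fullSearchSeconds(bits, rate);
  return { bits: Number(bits.toFixed(1)), seconds, label: humanize(seconds) };
}

// Constructed cases mirroring the page's examples; words use the 7776-word Diceware pool
const cases = [
  ['8 random lowercase', 8, POOLS.lower],
  ['14 random lowercase', 14, POOLS.lower],
  ['14 random printable', 14, POOLS.printable],
  ['12 random printable', 12, POOLS.printable],
  ['5-word diceware', 5, POOLS.diceware],
];
for (const [name, len, pool] of cases) {
  const fast = crackTime(len, pool);
  const slow = crackTime(len, pool, BCRYPT_COST_12);
  console.log(`${name}: ${fast.bits} bits; fast hash: ${fast.label}; bcrypt(12): ${slow.label}`);
}
```

Changing only the rate argument moves every result by the same factor (10^11 / 10^4 = 10^7), which is the "7 orders of magnitude" the table note describes; the hash choice on the server side, not the user's password alone, decides which column of numbers applies.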
Practical Examples
Example 1 — A typical work password: "Summer2024!" is 11 characters from a pool of 94, giving a nominal 72.1 bits of entropy. But the structure (capital word + year + symbol) is in every cracking rule list; Hashcat finds it in under one second using the well-known rockyou-30000.rule ruleset. Real strength: below 20 bits.
Example 2 — A password-manager output: "Kx9!mQp2vLz8nR4@" is 16 random characters from a 94-character pool, giving 104.9 bits of entropy. At 10^11 guesses per second it would take 7.2 x 10^14 years to exhaust the keyspace, far longer than the age of the universe.
Example 3 — A diceware passphrase: five random words from the EFF Large Wordlist give 5 times 12.9 = 64.6 bits, which takes about 11 years to crack at 10^11 guesses per second but is far easier to remember than 11 random characters with the same strength.
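A heuristic effective-strength estimate in the spirit of the practical examples above, written here as an added example in JavaScript; it is not the page's own checker logic. It starts from the nominal length × log2(pool) figure, drops to zero when the input is in a compromised list, and otherwise replaces the nominal figure with a guess-count model when the input is a dictionary word (after undoing common letter substitutions) followed by digits and a symbol. The word list, the compromised list, the multipliers (ASSUMED_WORDLIST_SIZE, LEET_VARIANTS, COMMON_SYMBOLS) and the verdict thresholds are all assumptions chosen for illustration.

```javascript
// Added example, not the page's checker: effective entropy that falls back from the
// nominal pool formula to a guess-count model for "word + digits + symbol" passwords.
// All list sizes, multipliers and thresholds below are illustrative assumptions.

const GUESS_RATE = 1e11;               // guesses/sec, the page's offline figure
const ASSUMED_WORDLIST_SIZE = 2000;    // assumed rank of a common word in a cracking wordlist
const LEET_VARIANTS = 8;               // assumed number of substitution rules a cracker tries
const COMMON_SYMBOLS = 10;             // assumed number of symbols tried as a suffix

// Constructed stand-in for the compromised list (the page checks the top 100).
const TOP_COMPROMISED = new Set(['123456', 'password', '12345678', 'qwerty', '111111']);
// Constructed tiny dictionary; a real checker would load tens of thousands of words.
const DICTIONARY = new Set(['summer', 'winter', 'password', 'welcome', 'dragon', 'monkey']);

// Undo common letter substitutions so "p@ssw0rd" is recognised as "password"
const LEET = { '@': 'a', '$': 's', '0': 'o', '1': 'i', '3': 'e', '4': 'a', '5': 's', '7': 't' };
function deleet(s) {
  return s.toLowerCase().replace(/[@$013457]/g, c => LEET[c]);
}

// Pool size implied by the character classes actually present
function poolSize(pw) {
  let pool = 0;
  if (/[a-z]/.test(pw)) pool += 26;
  if (/[A-Z]/.test(pw)) pool += 26;
  if (/[0-9]/.test(pw)) pool += 10;
  if (/[^A-Za-z0-9]/.test(pw)) pool += 32; // 94 printable minus 62 alphanumerics
  return pool;
}

function nominalBits(pw) {
  return pw.length * Math.log2(poolSize(pw) || 1);
}

// Guess count for a "dictionary word + up to 4 digits + optional symbol" shape,
// or null when the password does not fit that shape.
function structuredGuesses(pw) {
  const m = /^(.+?)(\d{0,4})([^A-Za-z0-9]?)$/.exec(pw);
  if (!m) return null;
  const [, wordPart, digits, symbol] = m;
  const word = deleet(wordPart);
  if (!/^[a-z]+$/.test(word) || !DICTIONARY.has(word)) return null;
  let guesses = ASSUMED_WORDLIST_SIZE;
  if (/[A-Z]/.test(wordPart)) guesses *= 2;                      // capitalisation variant
  if (word !== wordPart.toLowerCase()) guesses *= LEET_VARIANTS; // substitutions were used
  if (digits) guesses *= /^(19|20)\d\d$/.test(digits) ? 200 : Math.pow(10, digits.length);
  if (symbol) guesses *= COMMON_SYMBOLS;
  return guesses;
}

// Assumed rating bands on effective bits
function verdict(bits) {
  if (bits === 0) return 'compromised';
  if (bits < 30) return 'weak';
  if (bits < 60) return 'fair';
  if (bits < 80) return 'strong';
  return 'very strong';
}

function assess(pw) {
  const nominal = nominalBits(pw);
  let effective = nominal;
  let reason = 'treated as random';
  if (TOP_COMPROMISED.has(pw)) {
    effective = 0;
    reason = 'in compromised list';
  } else {
    const g = structuredGuesses(pw);
    if (g !== null && Math.log2(g) < nominal) {
      effective = Math.log2(g);
      reason = 'dictionary word with digit/symbol affix';
    }
  }
  return {
    nominal: Number(nominal.toFixed(1)),
    effective: Number(effective.toFixed(1)),
    seconds: Math.pow(2, effective) / GUESS_RATE,
    verdict: verdict(effective),
    reason,
  };
}

for (const pw of ['password', 'Summer2024!', 'p@ssw0rd1', 'Kx9!mQp2vLz8nR4@']) {
  console.log(pw, assess(pw));
}
```

Under these assumptions "Summer2024!" keeps its nominal 72.1 bits but rates at roughly 23 effective bits, and "p@ssw0rd1" at about 17, while the manager-generated string keeps its full nominal figure because it fits no modelled structure. The point a practitioner should take from the design is that the nominal formula is an upper bound; any rating a checker gives below it is only as good as the pattern and breach lists it consults.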
Tips and Best Practices
Use a password manager: it is the single highest-impact change you can make; it eliminates reuse and generates 20+ character random strings you never need to type.
Aim for 16 characters minimum: length is the most valuable factor; a 16-character random password exceeds 100 bits of entropy on a full pool and is effectively unbreakable offline.
Enable two-factor authentication: even a weak password becomes much harder to exploit when paired with TOTP or a hardware key; the 2023 Google Workspace study found 2FA blocks 99 percent of automated credential-stuffing attacks.
Never reuse passwords: 80 percent of data breaches involve stolen credentials that also worked on a different site, per the Verizon 2024 Data Breach Investigations Report.
Prefer passphrases over complex strings: five to seven random words are stronger and easier to memorize than twisted substitutions.
Check your email against HaveIBeenPwned: if any of your accounts appears in a breach, rotate that password everywhere it was reused.
Do not expire strong passwords on a schedule: NIST 800-63B explicitly removed mandatory 90-day expiration because forced rotation leads users to pick weaker, incremental passwords.
Frequently Asked Questions
What is password entropy?
Password entropy is a measure of how unpredictable a password is, expressed in bits. Each bit of entropy doubles the number of guesses an attacker must try, so a 40-bit password has about one trillion possibilities and a 70-bit password has about 10^21 possibilities. The formula is entropy = length times log2(pool size), where pool size is the number of possible characters. NIST Special Publication 800-63B recommends at least 80 bits of entropy for most online accounts and higher for encryption keys.
How long should my password be?
NIST 800-63B, the US federal digital identity guideline updated in 2017, sets the minimum at 8 characters for user-chosen passwords and 6 characters for randomly generated ones. However, security researchers widely recommend 12 to 16 characters as a safer baseline because GPU-based cracking has accelerated dramatically; the Hashcat benchmark on a single RTX 4090 in 2024 can test about 164 billion MD5 hashes per second. A 12-character password mixing upper, lower, digits, and symbols has about 72 bits of entropy, which would take roughly 6 million years to crack at that rate.
What is the most common password?
The most common password found in leaked data dumps for the past decade is 123456, followed by password, 12345678, qwerty, and 111111, according to NordPass's annual Top 200 Most Common Passwords report. These passwords appear millions of times in breach corpora such as the Have I Been Pwned database, which contains over 13 billion compromised credentials. Any password that matches one of these top entries is effectively worthless because an attacker will try them within the first few seconds of any credential-stuffing attack. This tool checks your input against a list of the top 100 compromised passwords.
How is time to crack calculated?
Estimated time to crack equals the total number of possible passwords divided by the attacker's guess rate. For offline attacks against fast hashes like MD5 or SHA-1 on modern GPU hardware, the industry benchmark is about 10^11 guesses per second per high-end card, and a well-funded attacker can scale that to 10^13 or higher with a cluster. This tool uses the 10^11 guesses per second assumption, which represents a single motivated attacker. Slow password hashing algorithms such as Argon2id or bcrypt with a high work factor reduce the attack rate by several orders of magnitude, making even a 60-bit password take years.
Should I use a password manager?
Yes. The most effective defense against password attacks is to generate a unique, long, random password for every site using a password manager such as Bitwarden, 1Password, or KeePassXC. Password managers create 20- or 30-character passwords with high entropy that no human could remember, and then auto-fill them on the correct domain, which also protects against phishing. NIST 800-63B explicitly endorses password managers and allows copy-paste into password fields, reversing earlier guidance. Pair your password manager with a strong master password and enable hardware-key or TOTP two-factor authentication for the vault itself.
Is adding a number or symbol enough to make a password strong?
No. Appending a single number or exclamation mark to a dictionary word adds less than four bits of entropy and is the first thing a cracking tool tries. Hashcat's rule files such as best64 and dive test millions of these simple mutations per second. Real strength comes from length and randomness: a 14-character random string always beats a 10-character dictionary word plus 2 digits, even though both contain digits and letters. If you must memorize a password, use the diceware or passphrase method, stringing 5 to 7 random common words together, which can reach 80 bits of entropy while remaining memorable.