Type any password below to check its strength. We analyse entropy, crack time, character variety, and patterns — all in real time. Your password never leaves your device.

— Strength

— Crack Time

— Length

— Entropy

Strength Score —

—

Character Types

—

Pattern Detection

—

Uniqueness

🔧 How to improve this password

How Password Strength Is Measured

We evaluate four key factors that determine how resistant a password is to cracking attempts.

🔢

Entropy (Bits)

Each character adds log₂(pool size) bits of entropy. 80+ bits is considered uncrackable by current standards. A 16-character password with all types ≈ 105 bits.

⏱️

Crack Time

Estimated time to brute-force at 1 trillion guesses/second (realistic for modern GPUs). Strong passwords are measured in centuries or millennia.

🎯

Character Variety

Using lowercase, uppercase, numbers, and symbols exponentially increases the search space. Each added type multiplies cracking difficulty.

🚫

Pattern Detection

Common passwords, dictionary words, sequential characters (abc, 123), and repeated patterns are flagged. Hackers try these first.

How to Create a Strong Password

🔤

12+ Characters

Length is the single most important factor. Each extra character multiplies difficulty exponentially.

🎲

Mix Character Types

Combine uppercase, lowercase, numbers, and symbols. Each type dramatically expands the search space.

🔄

Never Reuse

Use a unique password for every account. Breach one, lose them all — unless they're all different.

Need a strong password? Try our free password generator — creates cryptographically secure passwords instantly.

Frequently Asked Questions

A score of 80+ out of 100 is considered strong. This corresponds to approximately 80+ bits of entropy — enough to resist brute-force attacks for thousands of years. Scores below 40 indicate weak passwords that can be cracked in seconds or minutes. Our tool uses a comprehensive algorithm that evaluates length, character variety, common patterns, and known weak passwords.

No — absolutely not. The entire analysis runs in your browser using JavaScript. Your password never leaves your device, is never transmitted over the network, and is never stored. This is the same architecture as our main password generator. For maximum security, you can even use this tool offline after the page loads.

Crack time is the estimated time it would take a powerful computer to guess your password through brute force. We assume 1 trillion guesses per second — realistic for a modern GPU cluster. Real-world attackers often combine dictionary attacks, common patterns, and known breaches, which can crack weak passwords much faster. The crack time shown assumes the attacker has no prior knowledge about your password.

12 characters is considered the minimum for a reasonably secure password. A 12-character password with all character types provides roughly 72 bits of entropy and would take hundreds of years to brute-force. However, we recommend 16+ characters for critical accounts (email, banking, password manager). Many organisations now mandate 14+ characters as standard policy.

This tool analyses existing passwords — it tells you how strong a password is and how to improve it. A password generator creates new strong passwords instantly. Many people use a generator to create a password, then check it here to understand why it's strong. For best results, use both: generate a 16+ character password with our generator, then verify it here.