Password Strength Meter
Test password strength. Entropy bits, crack-time estimate, common-password check. Free.
How to use
How strength is measured
Strength is measured in bits of entropy. Each bit doubles the number of possible passwords. A password with 30 bits has a billion possibilities; 60 bits is a billion billion. Modern guidance: aim for at least 60 bits for any account, 80+ bits for important accounts (banking, email).
Crack-time estimates
Estimates assume an offline attack at 100 billion guesses per second — what a well-funded attacker can do today against a leaked password database. Online attacks (against a login form) are much slower because of rate-limiting, but if the password is in a breach database it can be cracked in milliseconds. The 200-word common-password list catches the most obvious weak passwords.
Privacy
Your password is checked entirely in your browser. Nothing is sent to any server. The password never leaves your device.