Password Strength Checker
Check password strength with entropy calculation and estimated crack time.
About this tool
A password strength checker is an essential security tool that analyzes your password to estimate how resistant it is to brute-force attacks. By calculating entropy β the randomness and complexity of your password β it provides an estimated crack time, helping you understand whether your password is truly secure. This is especially important in a world where millions of credentials are stolen annually, and weak passwords remain one of the most exploitable vulnerabilities.
Simply enter your password into the tool and it instantly evaluates multiple factors: password length, character variety (uppercase, lowercase, numbers, symbols), and overall entropy in bits. The tool then displays an estimated time it would take an attacker to crack your password through automated guessing. This information helps you decide whether to use your password as-is or strengthen it by adding more characters, mixing character types, or using passphrases.
The checker reveals common password weaknesses such as dictionary words, sequential characters, or repeated patterns β all of which reduce entropy and crack time. Whether you're creating passwords for email, banking, social media, or sensitive work systems, this tool makes it easy to validate your choices before committing to them. Keep in mind that the crack time estimate assumes a single, determined attacker with computational resources; real-world security also depends on whether your accounts are protected by multi-factor authentication and how the service stores passwords.
Frequently Asked Questions
Code Implementation
import math
from collections import Counter
def password_entropy(password: str) -> float:
"""Calculate Shannon entropy of the password string."""
if not password:
return 0.0
counts = Counter(password)
total = len(password)
return -sum((c / total) * math.log2(c / total) for c in counts.values())
def charset_size(password: str) -> int:
size = 0
if any(c.islower() for c in password): size += 26
if any(c.isupper() for c in password): size += 26
if any(c.isdigit() for c in password): size += 10
if any(not c.isalnum() for c in password): size += 32
return size or 1
def strength_score(password: str) -> dict:
length = len(password)
pool = charset_size(password)
# Theoretical max entropy: log2(pool^length)
bits = length * math.log2(pool)
shannon = password_entropy(password) * length
if bits < 28:
label, color = "Very Weak", "red"
elif bits < 36:
label, color = "Weak", "orange"
elif bits < 60:
label, color = "Moderate", "yellow"
elif bits < 80:
label, color = "Strong", "lime"
else:
label, color = "Very Strong", "green"
return {
"length": length,
"charset_size": pool,
"entropy_bits": round(bits, 1),
"shannon_entropy": round(shannon, 1),
"strength": label,
"color": color,
}
if __name__ == "__main__":
samples = ["abc", "password123", "P@ssw0rd!", "xK#9mL2$vQ7!nR4@"]
for pwd in samples:
result = strength_score(pwd)
print(f"{pwd!r}: {result['strength']} ({result['entropy_bits']} bits)")Comments & Feedback
Comments are powered by Giscus. Sign in with GitHub to leave a comment.