# Password Strength Calculator Check how strong your password is by calculating entropy and estimated crack time. See how length and character types affect security strength. ## What this calculates How strong is your password? This calculator measures password strength by computing entropy (randomness in bits) based on the character set used and password length. It estimates how long a brute-force attack would take with modern GPU hardware doing 10 billion guesses per second. ## Inputs - **Password Length** — min 1, max 64 — Number of characters in the password - **Lowercase Letters (a-z)** - **Uppercase Letters (A-Z)** - **Numbers (0-9)** - **Symbols (!@#$...)** ## Outputs - **Entropy** — Higher is stronger. 80+ bits is very strong. - **Character Pool Size** - **Possible Combinations** — formatted as text - **Estimated Crack Time** — formatted as text — At 10 billion guesses per second (GPU) - **Strength Rating** — formatted as text ## Details Password strength depends primarily on two factors: - Length: The most important factor. Each additional character multiplies the search space. - Character set size: Using lowercase, uppercase, numbers, and symbols increases possible combinations. Recommendations: - Use at least 12 characters (16+ for sensitive accounts) - Mix character types: uppercase, lowercase, numbers, symbols - A long passphrase of 4-5 random words is very strong and memorable - Never reuse passwords across accounts - Use a password manager to generate and store unique passwords Entropy reference: 40 bits = moderate, 60 bits = strong, 80+ bits = very strong, 128+ bits = practically uncrackable. ## Frequently Asked Questions **Q: What is password entropy?** A: Entropy measures the randomness or unpredictability of a password in bits. It is calculated as: length x log2(character set size). Higher entropy means more possible combinations and a stronger password. 80 bits of entropy is considered very strong. **Q: Is a longer password always better?** A: Yes, length is the most powerful factor. A 16-character lowercase password (75 bits) is stronger than an 8-character password with all character types (52 bits). Each additional character multiplies the total combinations by the character set size. **Q: How fast can hackers crack passwords?** A: Modern GPU clusters can attempt 10+ billion password hashes per second against common algorithms like MD5. Against slower algorithms like bcrypt, the rate drops to thousands per second. This is why both password strength and proper hashing matter. **Q: Are passphrases better than passwords?** A: Yes, a passphrase of 4-5 random words (e.g., 'correct horse battery staple') is typically both stronger and more memorable than a short complex password. A 4-word passphrase from a 7,776-word list has about 51 bits of entropy, and 5 words gives about 64 bits. **Q: Does this calculator evaluate my actual password?** A: No, this calculator evaluates the theoretical strength based on length and character types. It assumes random character selection. Real passwords may be weaker if they use dictionary words, patterns, or personal information that attackers can guess. --- Source: https://vastcalc.com/calculators/technology/password-strength Category: Technology Last updated: 2026-04-21