Password Strength Checker
Estimate the strength of a password — entropy, crack time, and what's making it weak.
🔒 Your password is analyzed entirely in your browser. Nothing is sent over the network.
How the estimate works
Strength is reported as Shannon entropy in bits — the size of the character pool times the password length. The crack-time figure assumes an offline attacker running ~10¹¹ guesses per second against a modern hash (a high-end consumer GPU rig). Real-world speed depends on the algorithm; for bcrypt or Argon2 with sane parameters, real attacks are billions of times slower.
This page does not send your password to any server. It checks against a small built-in list of the most common passwords; for a full breach check use a tool that consults the HIBP k-anonymity API.
You might also like
- .gitignore BuilderPick languages, frameworks, build tools, editors and OS — get a deduped .gitignore.
- .gitignore GeneratorBuild a .gitignore by picking from common language, framework, and OS templates.
- Dockerfile StarterMulti-stage Dockerfiles for Node, Python, PHP, Go, Ruby, Rust, Java, and static sites — plus matching .dockerignore.
- GitHub Actions StarterWorkflow YAML for Node CI, Python pytest, Go, Rust, Docker build/push, or GitHub Pages deploy.