Password Strength Calculator
Analyze password strength with entropy calculation, character composition, and actionable security suggestions.
Input
- Use at least 12 characters
- Add uppercase letters (A-Z)
- Add lowercase letters (a-z)
- Add numbers (0-9)
- Add special characters (!@#$%...)
Output
Readme
What is password strength?
Password strength is a measure of how resistant a password is to being guessed or cracked by attackers. It depends on several factors including length, character variety, randomness, and the absence of predictable patterns. A strong password significantly increases the time and resources required for a brute-force or dictionary attack to succeed.
Entropy is one of the most important concepts in password strength. Measured in bits, entropy represents the amount of uncertainty in a password. Higher entropy means more possible combinations an attacker would need to try. For example, a password using only lowercase letters has roughly 4.7 bits of entropy per character, while one mixing uppercase, lowercase, digits, and symbols can reach over 6 bits per character.
Tool description
This tool analyzes any password in real time and provides a detailed breakdown of its strength. It calculates an overall score from 0 to 100, assigns a strength rating (Very Weak, Weak, Fair, Strong, or Very Strong), and shows the exact character composition. The tool also detects common weaknesses like sequential patterns, keyboard patterns, and repeated characters, then offers specific suggestions to improve the password.
How it works
The scoring algorithm evaluates four main factors:
- Length — Passwords under 5 characters receive no length credit. Longer passwords earn progressively more points, up to 35 out of 100.
- Character variety — Using a mix of uppercase letters, lowercase letters, digits, and special characters earns up to 25 points.
- Uniqueness — The ratio of unique characters to total length contributes up to 15 points, scaled by password length to prevent short passwords from scoring disproportionately.
- Entropy — The calculated Shannon entropy adds up to 25 bonus points based on the size of the character pool and password length.
Penalties are applied for sequential patterns (abc, 123), keyboard patterns (qwerty, asdf), and excessive character repetition.
Features
- Real-time analysis as you type with instant feedback
- Entropy calculation in bits based on character pool size
- Full character composition breakdown (uppercase, lowercase, digits, special, unique)
- Pattern detection for sequential characters, keyboard walks, and repetition
- Actionable improvement suggestions tailored to the specific password
Use cases
- Checking the strength of a new password before using it for an important account
- Comparing different password strategies to understand which approach produces stronger results
- Learning how character variety and length affect overall password security
Strength ratings explained
| Rating | Score | Description |
|---|---|---|
| Very Weak | 0–19 | Easily guessed; vulnerable to basic attacks |
| Weak | 20–39 | Offers minimal protection; still predictable |
| Fair | 40–59 | Moderate strength; acceptable for low-risk accounts |
| Strong | 60–79 | Good protection against most attack methods |
| Very Strong | 80–100 | Excellent; highly resistant to brute-force attacks |
Tips
- Aim for at least 12 characters with a mix of all four character types
- Avoid dictionary words, names, dates, and common substitutions like "p@ssw0rd"
- Use a passphrase — a sequence of random, unrelated words — for both strength and memorability
- Never reuse passwords across different accounts