Password Strength Checker

The checker evaluates multiple factors: length, character variety (uppercase, lowercase, numbers, symbols), pattern detection (keyboard walks, repeated characters, common sequences like "123" or "abc"), dictionary word checks, and entropy calculation. Each factor contributes to an overall strength score from very weak to very strong.

No — absolutely not. All password analysis runs entirely in your browser using JavaScript. Your password never leaves your device and is not transmitted, stored, or logged anywhere. You can verify this by disconnecting from the internet before testing — the tool works fully offline.

Entropy measures the randomness or unpredictability of a password in bits. Higher entropy means more possible combinations an attacker must try. A truly random 12-character password using uppercase, lowercase, numbers, and symbols has about 79 bits of entropy — sufficient to resist brute-force attacks for decades.

The tool estimates crack time against different attack scenarios: online attacks (rate-limited, ~1,000 guesses/sec), offline attacks on fast hashes (~10 billion/sec), and offline attacks on slow hashes like bcrypt (~10,000/sec). Real-world crack times depend on the hashing algorithm and attacker resources.

Length is the single most important factor — a 16+ character passphrase beats an 8-character complex password. Use a mix of character types, avoid dictionary words and patterns, never reuse passwords across sites, and ideally use a password manager to generate and store unique random passwords for every account.