Password Checker

Analyze password strength instantly. Get entropy, crack time estimates, pass/fail criteria, and actionable improvement tips — all in your browser.

password security strength entropy generator checker
Free Client-Side Private
Enter a password to analyze
Criteria
    Statistics
    • Length
    • Charset size
    • Entropy
    • Online attack
    • Offline attack
    Suggestions

      Need to create a strong password? Try our Password Generator.

      🔒 This tool runs entirely in your browser — your files are never uploaded to any server.

      Password Checker analyzes your password in real time — right in your browser. No data is sent to any server.

      Features

      Feature Details
      Strength meter 5 levels: Very Weak / Weak / Fair / Strong / Very Strong
      Entropy analysis Calculates bits of entropy based on character variety and length
      Crack time estimate Online (1k/sec) and offline GPU (10B/sec) scenarios
      11 criteria checks Length, uppercase, lowercase, numbers, symbols, repeats, sequences, common passwords
      Suggestions Actionable tips to improve weak passwords
      Show / hide toggle Reveal or mask the password at any time
      Copy button One-click copy to clipboard
      100% client-side Nothing leaves your browser

      How to Use

      1. Type or paste your password into the input field.
      2. The strength meter and criteria checklist update instantly.
      3. Read the Statistics panel for entropy and estimated crack times.
      4. Follow the Suggestions box to fix weaknesses.
      5. Need a new strong password? Use our Password Generator.

      Understanding the Results

      Entropy measures unpredictability in bits. The higher the number, the harder the password is to crack by brute force.

      Entropy Strength
      < 28 bits Very Weak
      28–35 bits Weak
      36–59 bits Fair
      60–127 bits Strong
      128+ bits Very Strong

      Crack time assumes an attacker tries every possible combination:

      • Online attack — 1,000 guesses/sec (rate-limited web login)
      • Offline attack — 10 billion guesses/sec (modern GPU hash cracking)

      Frequently Asked Questions

      Is my password sent to your server?

      No. All analysis runs entirely in your browser using JavaScript. Your password never leaves your device.

      Why does a short password with symbols still score low?

      Length has a far greater impact on entropy than character variety alone. A 6-character password with symbols is still much weaker than a 16-character lowercase-only password.

      What makes a password "common"?

      The tool checks your password against a built-in list of the most frequently used passwords (e.g. "password", "123456", "qwerty"). If your password matches, the score is capped at Very Weak regardless of other factors.

      How is entropy calculated?

      Entropy = length × log₂(charset size). The charset size is the number of distinct character categories present: lowercase (26), uppercase (26), digits (10), symbols (32).

      What length should I aim for?

      For general accounts aim for at least 12 characters; for high-value accounts (email, banking) use 16 or more. A password manager makes this easy.

      What are sequential patterns?

      Runs like "123", "456", "abc", "xyz" are detected and flagged. Attackers include these patterns in their dictionaries.

      What is a passphrase?

      A passphrase is multiple random words joined together, e.g. "correct-horse-battery-staple". It can achieve high entropy with fewer characters and is easier to remember.

      How can I create a strong password?

      Use our Password Generator to instantly create a secure, random password of any length.

      Report an issue