🔐

Password Entropy Calculator

Estimate the cryptographic strength (entropy) of a password based on its length and character set.

Adds 26 characters to the pool.
Adds 26 characters to the pool.
Adds 10 characters to the pool.
Adds 32 commonly available symbols to the pool.

Results

Password Entropy78.7 bits
Years to Crack (1B guesses/sec)15,091,334.18
Character Pool Size94

📖What is it?

Password entropy measures how unpredictable (and thus how hard to brute-force) a password is. It is calculated as H = L x log2(N), where L is the password length and N is the size of the character set. Every extra bit of entropy doubles the number of guesses needed.

🎯How to use

Select which character types your password uses and enter its length. The calculator computes the full character pool size, the resulting entropy in bits, and an estimated time to crack by exhaustive brute-force at 1 billion guesses per second (a fast GPU rate).

💡Example scenario

A 12-character password using all four character types (94-char pool) gives ~78.8 bits of entropy. At 1B guesses/sec that is ~12 million years. A 6-character all-lowercase password gives ~28 bits — cracked in under a second. Length matters far more than character variety.

🏆Pro tip

NIST SP 800-63B (2017 guidelines) recommends at least 8 characters and prioritises length over complexity. A memorable passphrase of 4 random words (e.g. "correct-horse-battery-staple") provides ~50+ bits of entropy and is easier to remember than "P@ssw0rd1!". Targets: 60 bits = good, 80 bits = great, 100+ bits = excellent for high-security use.