Password Strength Checker
Password Strength Checker
This tool helps you evaluate the strength of passwords against modern security standards and common attack techniques.
Password Evaluation
Enter a password below to evaluate its strength. The password is evaluated locally in your browser and is never sent to our servers.
Understanding Password Strength
Password strength is determined by various factors:
Length
Password length is one of the most important factors. Longer passwords are generally more secure:
- Less than 8 characters: Very weak
- 8-11 characters: Weak
- 12-15 characters: Medium
- 16+ characters: Strong
Complexity
Password complexity refers to the mix of character types:
- Lowercase letters: a-z
- Uppercase letters: A-Z
- Numbers: a-Z
- Special characters: !@#$%^&*()_+-=|;:’“,.<>/?
Using all four character types greatly increases password strength.
Common Patterns
Attackers often check for common patterns:
- Keyboard patterns: qwerty, 12345, asdfg
- Repeated characters: aaabbb, 111222
- Sequential characters: abcdef, 123456
- Common substitutions: p@ssw0rd (instead of password)
Dictionary Words
Using common words makes passwords vulnerable to dictionary attacks. This includes:
- Common words: password, welcome, baseball
- Names: john, mary, smith
- Dates: jan2023, 01012023
- Pop culture references: starwars, superman
Entropy and Password Strength
Entropy is a measure of password unpredictability, typically measured in bits:
- Less than 40 bits: Very weak
- 40-60 bits: Weak
- 60-80 bits: Medium
- 80-100 bits: Strong
- 100+ bits: Very strong
The entropy of a truly random password can be estimated as: log₂(C) × L, where C is the character set size and L is the password length.
Creating Strong Passwords
Passphrase Method
Create a memorable passphrase by combining random words:
- Choose 4-6 random words
- Combine them with spaces or special characters
- Add some capitalization and numbers
Example: Correct Horse Battery Staple or blue.ELEPHANT@swift42!MARBLE
Random Password Method
Use a password generator to create a truly random password:
- Generate a password with at least 16 characters
- Include all character types
- Use a password manager to store it securely
Example: p7X&tQ9Z$mR2vN4*
Password Manager Recommendations
We strongly recommend using a password manager to generate and store unique, complex passwords for each service you use. Popular options include:
- Bitwarden
- 1Password
- KeePassXC
- LastPass
- Dashlane
Browser Password Strength Evaluation
This tool uses the following approaches to evaluate passwords:
- Character analysis: Checks length and character types
- Pattern detection: Looks for common patterns and sequences
- Dictionary checking: Compares against common password lists
- Entropy calculation: Estimates mathematical strength
- Breach checking: Checks if the password has appeared in known breaches
Security Considerations
When evaluating passwords:
- Never share your passwords: Even with this tool, your password is processed locally in your browser
- Use unique passwords: Each account should have a different password
- Change compromised passwords: If your password appears in a data breach, change it immediately
- Enable MFA/2FA: Add an extra layer of security with multi-factor authentication
- Regularly update critical passwords: Change passwords for sensitive accounts periodically
Additional Resources
For more information on password security: