,.?/\\`~'
},
get analysis() {
if (!this.password) {
return {
score: 0,
label: 'Enter a password',
color: 'slate',
entropy: 0,
crackTime: 'N/A',
hasLower: false,
hasUpper: false,
hasNumber: false,
hasSymbol: false,
length: 0,
poolSize: 0,
tips: []
};
}
const pw = this.password;
const length = pw.length;
// Check character types
const hasLower = /[a-z]/.test(pw);
const hasUpper = /[A-Z]/.test(pw);
const hasNumber = /[0-9]/.test(pw);
const hasSymbol = /[^a-zA-Z0-9]/.test(pw);
// Calculate pool size
let poolSize = 0;
if (hasLower) poolSize += 26;
if (hasUpper) poolSize += 26;
if (hasNumber) poolSize += 10;
if (hasSymbol) poolSize += 32;
// Calculate entropy
const entropy = poolSize > 0 ? Math.round(length * Math.log2(poolSize)) : 0;
// Calculate crack time
const combinations = Math.pow(poolSize, length);
const guessesPerSecond = 10000000000; // 10 billion guesses/second
const seconds = combinations / guessesPerSecond;
const crackTime = this.formatTime(seconds);
// Calculate score (0-100)
let score = 0;
// Length scoring (up to 40 points)
if (length >= 8) score += 10;
if (length >= 12) score += 15;
if (length >= 16) score += 10;
if (length >= 20) score += 5;
// Character variety (up to 40 points)
if (hasLower) score += 10;
if (hasUpper) score += 10;
if (hasNumber) score += 10;
if (hasSymbol) score += 10;
// Entropy bonus (up to 20 points)
if (entropy >= 40) score += 5;
if (entropy >= 60) score += 5;
if (entropy >= 80) score += 5;
if (entropy >= 100) score += 5;
// Penalties for common patterns
if (/^[a-zA-Z]+$/.test(pw)) score -= 10; // Letters only
if (/^[0-9]+$/.test(pw)) score -= 15; // Numbers only
if (/(.)\1{2,}/.test(pw)) score -= 10; // Repeated characters
if (/^(password|123456|qwerty|admin|letmein|welcome)/i.test(pw)) score -= 30; // Common passwords
score = Math.max(0, Math.min(100, score));
// Determine label and color
let label, color;
if (score < 25) {
label = 'Very Weak';
color = 'red';
} else if (score < 50) {
label = 'Weak';
color = 'orange';
} else if (score < 75) {
label = 'Fair';
color = 'amber';
} else if (score < 90) {
label = 'Strong';
color = 'emerald';
} else {
label = 'Very Strong';
color = 'violet';
}
// Generate tips
const tips = [];
if (length < 12) tips.push('Use 12 or more characters');
if (!hasLower) tips.push('Add lowercase letters (a-z)');
if (!hasUpper) tips.push('Add uppercase letters (A-Z)');
if (!hasNumber) tips.push('Add numbers (0-9)');
if (!hasSymbol) tips.push('Add symbols (!@#$%)');
if (/(.)\1{2,}/.test(pw)) tips.push('Avoid repeating characters');
if (/^(password|123456|qwerty)/i.test(pw)) tips.push('Avoid common password patterns');
return {
score,
label,
color,
entropy,
crackTime,
hasLower,
hasUpper,
hasNumber,
hasSymbol,
length,
poolSize,
tips
};
},
formatTime(seconds) {
if (!isFinite(seconds) || seconds < 0) return 'Instantly';
if (seconds < 1) return 'Instantly';
if (seconds < 60) return Math.round(seconds) + ' seconds';
if (seconds < 3600) return Math.round(seconds / 60) + ' minutes';
if (seconds < 86400) return Math.round(seconds / 3600) + ' hours';
if (seconds < 2592000) return Math.round(seconds / 86400) + ' days';
if (seconds < 31536000) return Math.round(seconds / 2592000) + ' months';
if (seconds < 31536000 * 100) return Math.round(seconds / 31536000) + ' years';
if (seconds < 31536000 * 1000000) return Math.round(seconds / 31536000).toLocaleString() + ' years';
return 'Centuries';
},
getColorClasses(color) {
const colors = {
slate: { bg: 'bg-slate-500', text: 'text-slate-500', bgLight: 'bg-slate-100 dark:bg-slate-800' },
red: { bg: 'bg-red-500', text: 'text-red-500', bgLight: 'bg-red-50 dark:bg-red-900/20' },
orange: { bg: 'bg-orange-500', text: 'text-orange-500', bgLight: 'bg-orange-50 dark:bg-orange-900/20' },
amber: { bg: 'bg-amber-500', text: 'text-amber-500', bgLight: 'bg-amber-50 dark:bg-amber-900/20' },
emerald: { bg: 'bg-emerald-500', text: 'text-emerald-500', bgLight: 'bg-emerald-50 dark:bg-emerald-900/20' },
violet: { bg: 'bg-violet-500', text: 'text-violet-500', bgLight: 'bg-violet-50 dark:bg-violet-900/20' }
};
return colors[color] || colors.slate;
},
clear() {
this.password = '';
this.showPassword = false;
}
}">
Password Strength Checker
Check your password strength instantly with detailed security analysis. Get entropy calculation, crack time estimation, and personalized tips to create stronger passwords.
🔒 Your password is analyzed locally in your browser and is never sent to any server.
Password Strength
📏
Length
🎲
Entropy
🔤
Pool Size
Possible characters
⏱️
Crack Time
At 10B guesses/sec
Lowercase (a-z)
Uppercase (A-Z)
Numbers (0-9)
Symbols (!@#$)
💡
Tips to Improve
- •
🎉
Great password!
Your password meets all security recommendations.
💡 How to Use This Tool
Check your password security in seconds with real-time analysis. Follow these simple steps:
1
Enter Your Password
Type or paste the password you want to check in the input field.
2
View Strength Analysis
See the real-time strength meter and score as you type.
3
Check Details
Review entropy, crack time, and character composition breakdown.
4
Follow Tips
Use the improvement suggestions to create a stronger password.
📖 About Password Strength Checker
What is Password Strength?
Password strength is a measure of how resistant a password is to being guessed or cracked by attackers. It depends on factors like length, character variety, randomness, and whether the password follows common patterns.
How We Measure Strength
1. Entropy (Bits)
Entropy measures the randomness of your password. Higher entropy means more possible combinations an attacker would need to try. A password with 60+ bits of entropy is considered strong for most purposes.
2. Character Composition
We analyze what types of characters your password contains:
- Uppercase letters (A-Z): 26 possible characters
- Lowercase letters (a-z): 26 possible characters
- Numbers (0-9): 10 possible characters
- Symbols (!@#$%): 32+ possible characters
3. Crack Time Estimation
We estimate how long it would take to crack your password using modern attack methods, assuming billions of guesses per second.
Password Security Best Practices
- Use 12+ characters minimum - Longer passwords are exponentially harder to crack
- Mix character types - Include uppercase, lowercase, numbers, and symbols
- Avoid common patterns - Don't use keyboard walks like 'qwerty' or '123456'
- Don't reuse passwords - Each account should have a unique password
- Use a password manager - Let software generate and store complex passwords
- Enable 2FA - Add a second layer of security beyond just passwords
Privacy First
Your password is analyzed entirely in your browser. We never transmit, store, or log any passwords you enter. All calculations happen locally on your device.
❓ Frequently Asked Questions
No! All password analysis happens entirely in your browser using JavaScript. Your password never leaves your device and is never transmitted, stored, or logged anywhere.
A strong password should be at least 12-16 characters long and include a mix of uppercase letters, lowercase letters, numbers, and special symbols. Avoid dictionary words, personal information, and common patterns like "123456" or "qwerty".
Entropy measures the randomness and unpredictability of your password in bits. Higher entropy means more possible combinations an attacker would need to try. A password with 60+ bits of entropy is generally considered strong.
We estimate crack time by calculating the total number of possible password combinations based on length and character set, then dividing by an assumed attack rate of 10 billion guesses per second (modern GPU-based attacks).
While this tool is completely private and secure, we recommend using it to understand password strength concepts rather than testing your actual passwords. For real accounts, always use a password manager to generate and store unique passwords.