✨ Generators

Password Strength Checker

Type a password and see its strength estimated on the spot from length, character variety and entropy — plus what to fix. Your input is never sent anywhere; the evaluation happens entirely in your browser. No network request is made.

Your password never leaves the page. Everything is evaluated in your browser.

How to Use the Password Strength Checker

Click one of the Examples (click to try) chips above the field to drop a sample straight into the input and see the strength bar and rating update instantly. When you type your own password, the strength bar and rating (Very weak to Very strong), along with the character count, character types and estimated entropy, are judged live on every keystroke — there's no button to press. Use the tips to shape a stronger password. Your input is never sent anywhere; the evaluation happens entirely in your browser.

Here's a concrete example of why length, character variety and dictionary words change the strength so much. The password password (8 characters, lowercase only, a dictionary word) is a common word on its own, so it's cracked instantly and rated "Very weak." Dressing it up as Pa$$w0rd! with symbols and digits barely helps, because the original word still shows through. By contrast, a string of unrelated words like correct-horse-battery-staple is 28 characters long and isn't a simple dictionary entry, so its estimated entropy is large and it's rated "Very strong." In numbers, "long and unpredictable" beats "short with symbols."

  • Length: Length matters most. Aim for at least 12 characters, ideally 16 or more.
  • Character types: Mixing lowercase, uppercase, digits and symbols widens the brute-force space.
  • Estimated entropy: A bit-based measure of how hard the password is to guess. Higher is stronger.
  • Show / Hide: Use the button on the right to toggle the visibility of what you're typing.

When This Comes in Handy

  • Checking that a password you're about to set on a new account is strong enough.
  • Revisiting a short, reused password and turning it into something stronger.
  • Getting a quick sense of how strong a password-manager-generated string is.
  • Showing family or teammates what actually makes a password strong.

Tips for a Strong Password

  • Making a password longer helps more than adding symbols to a short one.
  • A passphrase of a few unrelated words is long, memorable and strong.
  • Avoid predictable strings like "password", "123456", "qwerty", names or birthdays.
  • Use a different password for each service and keep them in a password manager.

Frequently Asked Questions

Is my password sent to a server?
No. The strength evaluation runs entirely in your browser. The password you type is never transmitted to or stored on any server, and no network request is made — so you can use it with complete confidence.
How is the strength judged?
It measures the length, the number of character types present (lowercase, uppercase, digits, symbols) and the estimated entropy (length times the log2 of the character space). It also flags common weaknesses such as being too short, using a single character type, sequences or repeats, and predictable strings like "password", then shows a five-level rating.
What does entropy (bits) mean?
It is a rough measure of how hard a password is to guess, expressed in bits of information. Higher values resist brute-force attacks better. As a guide, 60 bits or more is fairly strong and 80 bits or more is very strong. It is an upper-bound estimate — if the password contains predictable patterns, its real strength is lower.