How Password Entropy Works
Entropy is a mathematical measurement of a password's unpredictability. A computer attempting to brute-force your password assumes the worst-case scenario: it has to guess every single possible combination of characters before stumbling upon yours.
Length vs Complexity
The total number of possible combinations equals C^L (where C is the pool of characters, and L is the length of the string). Consequently, adding length to a password increases complexity exponentially rather than linearly.
- An 8-character password utilizing mixed casing, numbers, and symbols takes roughly 39 minutes to crack on modern GPU rigs.
- A 16-character password using only lowercase letters takes roughly 11 million years.
Therefore, deploying a "passphrase" (e.g., correct-horse-battery-staple) is both mathematically wildly more secure and cognitively easier for humans to memorize than a scrambled nightmare like Tr0ub4dor&3.
Browser Security Guarantee
This checker utilizes Javascript algorithmic heuristics to calculate strength right on your device. Zero data points, telemetry, or network traffic request are ever made containing the characters you input into the box above.