Password Strength Checker

Check how strong your password is in your browser. See entropy, crack-time, and get tips to make it stronger — never sent to a server.

About Password Strength Checker

Overview

The Password Strength Checker measures how hard a password is to crack. It works entirely in your browser, so the password you type is never sent anywhere. The tool checks length, the mix of character types, and common patterns like sequences, repeats, and keyboard runs. It also flags passwords that appear on well-known lists of leaked or weak passwords. You get a strength score, an entropy number in bits, and an estimate of how long a modern attack would take to guess the password. Suggestions help you turn a weak password into a strong one.

Features

  • 100% private. Your password is never sent to a server.
  • Shows length, character classes, entropy in bits, and crack-time.
  • Detects common passwords from a built-in list of weak choices.
  • Detects sequences, repeats, and keyboard runs like "qwerty" or "1234".
  • Strength meter with labels from Very Weak to Very Strong.
  • Actionable suggestions to improve weak passwords.
  • Show or hide the password with a single click.
  • Optional live analysis as you type, with a manual check button.
  • Has a dark mode and a responsive design.

How to Use

  1. Type or paste a password into the input field.
  2. Click the eye icon to show or hide the password while you type.
  3. Read the strength meter, entropy, and crack-time estimate.
  4. Review the character-class breakdown and any patterns detected.
  5. Follow the suggestions to make the password stronger.
  6. Click Clear to start over.

FAQ

Is my password sent anywhere?

No. Every check runs in your browser using JavaScript. The password is never sent to a server, never logged, and never stored. You can verify this by opening the tool with the network tab open in your browser.

What is a good entropy number?

A score of 40 bits is weak, 60 bits is decent for everyday accounts, and 80 bits or more is strong. For high-value accounts like email or banking, aim for 100 bits or more, which usually means a long random password.

What is the best way to make a strong password?

Use a password manager to generate a long random password, typically 16 characters or more, made up of letters, numbers, and symbols. Avoid dictionary words, names, dates, and obvious patterns. Never reuse a password across accounts.

Why are common passwords flagged?

Attackers try common passwords first because many people still use them. A password like "123456" or "password" can be cracked instantly because it appears in nearly every wordlist used for password guessing.