How strong is
yours?

Yes. This checker runs entirely locally in your browser. The characters you type never leave your device and are never sent over the network to any server.

Entropy is a mathematical measure of unpredictability. A password with 60 bits of entropy requires roughly 2^60 guesses to crack. The higher the bits, the harder the password is to brute-force.

We estimate crack time based on a hypothetical attacker capable of making 10 billion guesses per second (a conservative estimate for modern, high-end GPU clusters). The actual time depends on the attacker's resources.

Adding symbols like "!" or "@" to the end of a common word (e.g., "password123!") adds very little entropy. Attackers know these common patterns and test them immediately using dictionary attacks.

Usually, yes. A passphrase composed of four or five random words (like "correct horse battery staple") can achieve over 60 bits of entropy while remaining incredibly easy to memorize and type.

Yes. In modern cryptography, length is the biggest contributor to entropy. A 16-character password using only lowercase letters is mathematically stronger than an 8-character password using all character types.

A "Fair" score might be acceptable for a local device or low-value account. However, for critical accounts like banking, email, or a password manager, we strongly recommend generating a password that scores "Strong" or "Excellent".