PASSWORD WALL

By Overtips

2026-01-22

Password vs. Passphrase: Why Length Wins Every Time

The Problem with Complexity

For years, IT departments forced us to create passwords like P@$$w0rd123!. We thought we were being clever by swapping 'a' for '@' and 's' for '$'.

The Bad News: Computers know these tricks. They are called "Mask Attacks". A hacker's rig can guess P@$$w0rd just as fast as password.

Enter the Passphrase

A passphrase is a sequence of random words. The concept was popularized by the famous XKCD comic "Correct Horse Battery Staple".

Instead of Tr0ub4dor&3 (Hard to remember, easy to guess), you use correct horse battery staple (Easy to remember, hard to guess).

The Math: Entropy

Entropy is a measure of randomness or disorder.

  • Short & Complex: &y8#b2 has about 30 bits of entropy. A modern GPU can crack this in seconds.
  • Long & Simple: purple elephant dancing salsa has about 60+ bits of entropy (if words are random). It would take centuries to crack.

Length is the most critical factor. Each character you add multiplies the number of guesses an attacker has to try, so the time to crack grows exponentially with length.

How to Create a Strong Passphrase

The Dice Method (Diceware): Ideally, use a random number generator or roll dice to pick 4-5 words from a list.

If you make it up yourself, avoid common phrases like lyrics ("IsThisTheRealLife") or idioms. Our brains aren't very random.

Good: Solar-Pizza-Wallet-Jump-2026
Bad: I-Love-My-Baby-Girl
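
The Dice Method in code, as an added example that is not part of the original post: it picks words with the operating system's secure random generator, maps physical dice rolls to a word index, and computes the entropy in bits. The 36-word list is constructed for the demo, and the 7776-word list size (five dice rolls per word) is an assumption about the list you would load in practice.

```python
import math
import secrets

# Constructed 36-word sample list (two dice rolls per word) so this runs offline.
# Assumption: a full Diceware-style list has 7776 words (five rolls per word).
SAMPLE_WORDS = (
    "apple brick cloud delta eagle flame grape honey ivory joker koala lemon "
    "mango noble ocean pearl quilt river solar tiger umbra vivid wheat xenon "
    "yacht zebra amber bison cedar dune ember fjord glade heron inlet jade"
).split()


def rolls_to_index(rolls):
    """Read dice rolls (each 1-6) as a base-6 number giving a 0-based word index."""
    index = 0
    for roll in rolls:
        if not 1 <= roll <= 6:
            raise ValueError("each roll must be between 1 and 6")
        index = index * 6 + (roll - 1)
    return index


def entropy_bits(list_size, word_count):
    """Entropy of word_count independent, uniform picks from list_size words."""
    return word_count * math.log2(list_size)


def generate_passphrase(words, word_count=5, separator="-"):
    """Pick words with the OS CSPRNG (secrets), not the predictable random module."""
    if len(set(words)) != len(words):
        raise ValueError("duplicate words lower the real entropy")
    if word_count < 1:
        raise ValueError("word_count must be at least 1")
    return separator.join(secrets.choice(words) for _ in range(word_count))


if __name__ == "__main__":
    size = len(SAMPLE_WORDS)
    print(generate_passphrase(SAMPLE_WORDS))
    print(f"5 words from this {size}-word list: {entropy_bits(size, 5):.1f} bits")
    print(f"5 words from a 7776-word list: {entropy_bits(7776, 5):.1f} bits")
    # Rolling dice by hand instead: the rolls 3 then 5 select word index 16.
    print(SAMPLE_WORDS[rolls_to_index([3, 5])])
```

The entropy figure holds only when every word is picked at random; a phrase you made up yourself does not earn it.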
