See exactly how long your password would actually take to crack, whether it has already shown up in a real data breach, and which specific weaknesses are dragging your score down — all analyzed locally in your browser. Nothing you type here is ever sent to our servers.
Scored using published entropy and crack-time models, not a black-box formula.
What this checker analyzes — 6 signals
Length
Length is the single biggest driver of crack time — every extra character multiplies the total keyspace an attacker has to search, far more than adding character-set complexity does. A 16-character lowercase-only password is harder to brute-force than an 8-character password mixing all four character classes.
Character variety
Checks whether your password draws from uppercase letters, lowercase letters, digits, and symbols. Variety expands the keyspace per character position, but only matters once length is already sufficient — four character classes in an 8-character password is still weak.
Entropy
Entropy is measured in bits and estimates how many guesses a brute-force attacker needs before finding your password. It is calculated as log2(keyspace^length), where keyspace is the number of distinct characters each position can draw from, which works out to length × log2(keyspace). It is the closest thing to an objective strength number, independent of any specific attacker's hardware.
Breach database exposure
Checks your password against Have I Been Pwned's database of 800M+ passwords seen in real breaches, using the k-anonymity model: only the first 5 characters of the SHA-1 hash leave your browser, and HIBP returns a list of matching suffixes for local comparison — your actual password is never transmitted or logged anywhere.
Predictable patterns
Detects the patterns that raw entropy math misses entirely: keyboard walks (qwerty, asdfgh), sequential runs (123456, abcdef), repeated characters (aaaa1111), and leetspeak substitutions of dictionary words (p4ssw0rd). Password crackers try these patterns before anything else — they cost almost nothing to check.
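As an added example (not the checker's own code), here is a compact detector for the four pattern families listed above; the keyboard rows, the leetspeak map and the five-word dictionary are constructed stand-ins for the much larger data a real checker would load.

```javascript
// Added example (not the checker's own code): flags the predictable patterns the page
// lists, which per-character entropy math cannot see. Dictionary is a constructed stub.
const KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm"];
const LEET = { "4": "a", "@": "a", "3": "e", "0": "o", "1": "i", "!": "i", "$": "s", "5": "s", "7": "t" };
const DICTIONARY = ["password", "troubador", "letmein", "welcome", "dragon"]; // constructed

// Slide a 4-character window over the lowercased password and test each one.
function hasWindow(pw, pred) {
  const t = pw.toLowerCase();
  for (let i = 0; i + 4 <= t.length; i++) if (pred(t.slice(i, i + 4))) return true;
  return false;
}
// Keyboard walk: the window is a run along one keyboard row, in either direction.
function isRowRun(w) {
  const rev = [...w].reverse().join("");
  return KEYBOARD_ROWS.some(r => r.includes(w) || r.includes(rev));
}
// Sequential run: alphanumeric characters that step by exactly +1 or -1 each position.
function isSequence(w) {
  if (!/^[a-z0-9]+$/.test(w)) return false;
  const step = w.charCodeAt(1) - w.charCodeAt(0);
  if (Math.abs(step) !== 1) return false;
  for (let i = 2; i < w.length; i++) if (w.charCodeAt(i) - w.charCodeAt(i - 1) !== step) return false;
  return true;
}
// Undo common leetspeak substitutions so "p4ssw0rd" is compared as "password".
function deleet(s) {
  return [...s].map(c => LEET[c] || c).join("");
}
// Returns the list of pattern names found; an empty list means none of them matched.
function findPatterns(pw) {
  const found = [];
  if (hasWindow(pw, isRowRun)) found.push("keyboard walk");
  if (hasWindow(pw, isSequence)) found.push("sequential run");
  if (/(.)\1{3,}/.test(pw)) found.push("repeated characters");
  const lower = pw.toLowerCase();
  const plain = deleet(lower);
  const word = DICTIONARY.find(w => plain.includes(w));
  if (word) found.push(lower.includes(word) ? "dictionary word" : "leetspeak dictionary word");
  return found;
}
```

A password that trips any of these should be scored as weak regardless of its raw entropy figure, which is exactly what the table further down shows for Tr0ub4dor&3.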
Estimated crack time
Translates entropy into a real-world number using published hardware benchmarks for both fast unsalted hashing (billions of guesses/sec on modern GPU rigs) and slow, properly-salted hashing algorithms like bcrypt or Argon2 (tens of thousands of guesses/sec) — because those two scenarios produce wildly different outcomes for the same password.
How passwords are actually cracked
Brute force
Every possible character combination is tried in order until one matches. Effective only against short passwords or fast, unsalted hashes — an 8-character random password can fall in hours against an unsalted fast hash, while the same password against a properly salted bcrypt hash can take years.
Dictionary & wordlist attacks
Attackers try real words, names, and known-leaked passwords first — lists like RockYou (14M+ real passwords from a 2009 breach) — combined with common substitutions (a→4, e→3, o→0). This is why "Tr0ub4dor&3" is weaker than its entropy score alone suggests.
Credential stuffing
Attackers replay username/password pairs stolen from one breach against completely unrelated sites, betting on password reuse. This doesn't care how strong your password is — it only works if you've used the same password somewhere that was breached.
Rainbow table attacks
Precomputed tables map billions of hash outputs back to plaintext instantly. Modern systems defend against this with per-password salting, but any site still using unsalted MD5 or SHA-1 for password storage is fully exposed to this method regardless of password strength.
How detectable is each password style?
Example | Entropy | Est. crack time | Verdict | Why
123456 | ~7 bits | instant | Critical | Top entry on every breach password list. Tried before any brute-force attempt even begins.
password123 | ~24 bits | instant | Critical | Dictionary word plus a predictable numeric suffix — one of the first patterns any wordlist attack tries.
Tr0ub4dor&3 | ~52 bits | ~8 hours (fast hash) | Weak | Reasonable entropy score, but it is a dictionary word with leetspeak substitution — a well-known targeted pattern.
random 16-char (a-z, A-Z, 0-9) | ~95 bits | ~34,000 years (fast hash) | Strong | No dictionary structure and no shortcuts available — an attacker is forced into pure brute force.
6-word diceware passphrase | ~77 bits | trillions of years | Excellent | Randomly generated from a fixed wordlist — high entropy and genuinely memorable, the combination most password advice fails to deliver.
Stop remembering weak passwords — store strong ones instead
A password manager generates and autofills a unique, high-entropy password for every site, so length and randomness stop being something you have to remember. The three below are independently well-regarded — pick based on the workflow that fits you, not just the cheapest plan.
1. 1Password
Travel Mode hides entire vaults when crossing borders, and family/business sharing is best-in-class.
No. Every check — length, character variety, entropy, pattern detection, and crack-time estimation — runs entirely in your browser using JavaScript. Nothing is sent to PrivacyTestLab servers, logged, or stored. The only network request this tool makes is the optional breach database check, and that request never contains your actual password — see the next question for exactly how that works.
This tool uses the Have I Been Pwned k-anonymity API. Your password is hashed locally with SHA-1, and only the first 5 characters of that hash are sent over the network. HIBP responds with every breached password suffix that shares those first 5 characters — often hundreds of them — and your browser checks locally whether your full hash appears in that list. The server never sees your password or your full hash, only an ambiguous 5-character prefix shared by many thousands of unrelated passwords.
Entropy, measured in bits, estimates how many guesses a brute-force attacker needs on average before finding your password, calculated as log2(keyspace^length). Each additional bit doubles the search space. 40 bits is trivial for modern hardware, 60 bits is solid for most personal accounts, and 80+ bits is effectively unbreakable by brute force with current technology. Entropy alone can overstate real-world strength, though — it assumes truly random characters and doesn't account for dictionary words or known patterns, which is why this tool also runs separate pattern detection.
Keyspace grows exponentially with length but only linearly with character-set size. Adding a single extra character to a random password multiplies the total keyspace by the size of your character set, while adding one more character class (say, symbols on top of letters and digits) only multiplies each position by a small constant. In practice, a 16-character lowercase-only passphrase is harder to brute-force than an 8-character password using all four character classes.
Reputable password managers encrypt your vault locally before it ever leaves your device, using a zero-knowledge architecture — the provider cannot read your stored passwords even if their servers are breached, which has happened to more than one major provider without vault contents being exposed. The real risk is a weak or reused master password, since that single password is what everything else depends on. Use a long, unique passphrase for your master password and enable two-factor authentication on the vault itself.
Crack time depends entirely on how the destination site stored your password, not just on the password itself. Against a fast, unsalted hash like raw MD5 or SHA-1, modern GPU hardware can attempt tens of billions of guesses per second. Against a properly salted, deliberately slow algorithm like bcrypt or Argon2, the same hardware might manage only tens of thousands of guesses per second — a difference of five to six orders of magnitude for the identical password. Since you never know which one a given site uses, treat the faster, more conservative estimate as the one that matters.
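The entropy and crack-time model set out in the Entropy and Estimated crack time signals above and in these last answers, as an added example that is not the checker's own code; the two guess rates are assumed constants at the orders of magnitude the page quotes, not measured benchmarks.

```javascript
// Added example (not the checker's own code): the entropy and crack-time model the page
// describes, evaluated for both storage scenarios. Guess rates are illustrative
// constants at the page's orders of magnitude, not measured benchmarks.
const CLASSES = [
  { re: /[a-z]/, size: 26 }, { re: /[A-Z]/, size: 26 },
  { re: /[0-9]/, size: 10 }, { re: /[^a-zA-Z0-9]/, size: 33 }, // 33 printable ASCII symbols
];
const RATES = { fastUnsalted: 1e10, slowSalted: 1e4 }; // guesses per second (assumed)

// Alphabet size: the sum of the character classes actually present.
function charsetSize(pw) {
  return CLASSES.reduce((n, c) => n + (c.re.test(pw) ? c.size : 0), 0);
}
// bits = log2(charset^length) = length * log2(charset); length is the multiplier.
function entropyBits(pw) {
  return pw.length === 0 ? 0 : pw.length * Math.log2(charsetSize(pw));
}
// Expected guesses to a hit is half the keyspace, 2^(bits-1), divided by the guess rate.
function crackSeconds(bits, rate) {
  return Math.pow(2, bits - 1) / rate;
}
function humanTime(sec) {
  if (sec < 1) return "instant";
  const units = [["years", 31557600], ["days", 86400], ["hours", 3600], ["minutes", 60]];
  for (const [name, s] of units) {
    if (sec >= s) return `${Math.round(sec / s).toLocaleString("en-US")} ${name}`;
  }
  return `${Math.round(sec)} seconds`;
}
// One row of the signal breakdown: entropy plus a crack-time estimate for each scenario.
function analyze(pw) {
  const bits = entropyBits(pw);
  return {
    bits: Math.round(bits),
    fastHash: humanTime(crackSeconds(bits, RATES.fastUnsalted)),
    slowHash: humanTime(crackSeconds(bits, RATES.slowSalted)),
  };
}
```

Running analyze on a 16-character lowercase string and on an 8-character four-class string reproduces the page's point: the longer one scores more bits even though its alphabet is smaller, and for either password the two scenarios differ by the ratio of the two rates.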