256 Tools

Password Strength Checker

Your password is checked in your browser and is never sent or stored.

Related external sites

Some links are affiliate links.

1PasswordA password manager that securely stores all your logins in one encrypted vault. Generates strong passwords automatically and fills them in with a single click. Available for individuals, families, and business teams.NordPassA password manager from the makers of NordVPN, built on zero-knowledge architecture. Protects your data with XChaCha20 encryption and syncs across all your devices. Supports passkeys and biometric login.

Related tools

Password GeneratorGenerate strong random passwords or easy-to-remember passphrases with crypto randomness. Exclude ambiguous characters, guarantee at least one of each type. Runs in your browser — nothing is uploaded.JSON FormatterBeautify, minify and validate JSON in your browser. Broken JSON? See exactly which line and column is wrong, with the spot highlighted.Base64 Encode / DecodeEncode text to Base64 or decode Base64 to text instantly — UTF-8 safe (Japanese & emoji work), URL-safe Base64, image to data URL with preview. All in your browser.Regex TesterTest regular expressions with live match highlighting, capture groups, flags and a replace preview — runs in your browser, nothing uploaded.

Check how strong a password is. You get an entropy-based strength score, an estimated time to crack it by brute force, which character types it uses, and specific weaknesses to fix. It is checked entirely in your browser — your password is never sent or stored.

How to use

  1. Type or paste a password (use show/hide as needed).
  2. Read the strength score and estimated crack time.
  3. Fix any listed weaknesses to make it stronger.

How it works

Strength is estimated from entropy: the number of possible character types (lowercase, uppercase, digits, symbols) sets a pool size, and entropy grows with length and pool size. The crack-time estimate divides the number of possible combinations by a fast guessing rate. Common passwords, sequences and repeats are flagged because attackers try those first.

A strength meter mostly filled, indicating a strong password.

Features

Entropy score

A 0–4 strength rating based on estimated entropy in bits.

Crack-time estimate

An approximate time to brute-force the password.

Weakness checks

Flags common passwords, sequences, repeats and lack of variety.

Fully private

Everything is checked in your browser; nothing is sent or stored.

When to use it

New accounts

Test a password before you set it on an important account.

Audit existing

Check whether a password you already use is strong enough.

Teaching

Show how length and variety dramatically change strength.

Before a manager

Sanity-check passwords while moving to a password manager.

Notes

  • The score is an estimate, not a guarantee of safety.
  • The common-password check is a small sample, not exhaustive.
  • Crack time assumes a fast offline attack; online limits differ.
  • Your password is never sent or stored — it stays in this page only.

FAQ

Is it safe to type my password here?
Yes. The check runs entirely in your browser and nothing is sent or stored. Still, avoid doing it on a shared or untrusted computer.
What is entropy?
Entropy measures how unpredictable a password is, in bits. More length and more character variety mean higher entropy and a stronger password.
How many characters should I use?
At least 8, but 12 or more with a mix of letters, digits and symbols is much safer. A long passphrase also works well.
Is the crack time exact?
No. It is a rough estimate based on a fast guessing rate. Real-world times vary with the attacker and how the password is stored.
Is my password stored?
No. It lives only in the page while you use it and is never saved or transmitted.

We use cookies for ads and analytics.