At SecureGenie, we use entropy-based measurement to calculate password strength. Entropy is a mathematical way to measure the unpredictability or randomness of a password.
Our algorithm considers:
The formula we use is based on information theory: Entropy = log2(CharsetSize) × Length, where CharsetSize is the number of possible characters in each position.
Strength | Entropy (bits) | Time to Crack |
---|---|---|
Very Weak | < 36 bits | Seconds to minutes |
Weak | 36-59 bits | Hours to days |
Medium | 60-79 bits | Weeks to years |
Strong | 80-99 bits | Decades |
Very Strong | 100+ bits | Centuries |
Hackers use lists of common words and passwords to try to guess your password. If your password is a common word or phrase, it can be cracked in seconds.
Brute-force attacks try every possible combination of characters until the correct password is found. Shorter passwords with smaller character sets are much quicker to crack.
Pattern-based attacks target common password patterns, such as substituting numbers for letters (e.g., "p@ssw0rd"), keyboard patterns, or adding numbers to the end of words.
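The sketch below is an added example, not SecureGenie's own code: it applies the formula and strength table above, then re-scores a password that reduces to a wordlist entry after undoing common substitutions, since the formula only holds for randomly chosen characters. The character classes, the three-word list, the substitution map, and the 10,000-word list size are assumptions constructed for illustration.

```python
import math
import string

# Strength bands from the table above, as (minimum bits, label), highest first.
BANDS = [(100, "Very Strong"), (80, "Strong"), (60, "Medium"),
         (36, "Weak"), (0, "Very Weak")]
# Assumed character classes (printable ASCII); other characters are ignored.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]
# Constructed sample data: a tiny wordlist and a few common substitutions.
WORDLIST = {"password", "letmein", "dragon"}
LEET = {"@": "a", "0": "o", "1": "l", "3": "e", "$": "s"}


def charset_size(password):
    """Sum the sizes of every character class the password draws from."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))


def entropy_bits(password):
    """Entropy = log2(CharsetSize) x Length; assumes random characters."""
    size = charset_size(password)
    return math.log2(size) * len(password) if size else 0.0


def strength(bits):
    """Map an entropy value onto the strength bands of the table."""
    return next(label for floor, label in BANDS if bits >= floor)


def pattern_bits(password, wordlist_size):
    """Estimated bits if the password is a wordlist entry with substitutions:
    log2(wordlist_size) plus one bit per swappable letter. None if no match."""
    base = "".join(LEET.get(c, c) for c in password.lower())
    if base not in WORDLIST:
        return None
    swappable = sum(1 for c in base if c in LEET.values())
    return math.log2(wordlist_size) + swappable


def assess(password, wordlist_size=10_000):
    """Return (formula bits, effective bits, label for the effective bits)."""
    naive = entropy_bits(password)
    pattern = pattern_bits(password, wordlist_size)
    effective = naive if pattern is None else min(naive, pattern)
    return round(naive, 1), round(effective, 1), strength(effective)
```

`assess("p@ssw0rd")` returns `(48.7, 17.3, "Very Weak")`: the formula alone places it in the "Weak" band, while treating it as a substituted wordlist entry drops it to "Very Weak".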
Entropy is measured in bits, and each bit doubles the number of possible password combinations. A password with 50 bits of entropy has 2^50 (about 1 quadrillion) possible combinations.
For comparison: