🔐 Password Strength Calculator — How Long to Crack?
Type any password and see in real-time: entropy, letter grade, and crack time across 5 hardware tiers (CPU, GPU, GPU cluster, cloud attack, theoretical quantum). 100% client-side — your password never leaves your browser.
Standard CPU: Intel i7 · 10B guesses/sec
RTX 4090 GPU: single card · 200B guesses/sec
GPU Cluster (8x RTX 4090): 1.6T guesses/sec
Cloud Attack (AWS): 100 instances · 20T guesses/sec
Quantum Computer: theoretical · sqrt reduction
How the calculator works
Everything runs in your browser as you type — there are no network requests, no server submissions, no logging. The calculator computes entropy first: how many bits of randomness your password contains, calculated as log2(charset_size ^ length) with adjustments for detected weaknesses. Then it derives the letter grade (A+ through F) from the entropy. Finally it shows the time to brute-force search the entropy space at five different hardware tiers, from a single CPU through theoretical quantum computers.
The 5 hardware tiers explained. Standard CPU (10 billion guesses/sec): a single Intel i7 running optimised hashcat against a fast hash like NTLM or MD5. RTX 4090 GPU (200 billion/sec): a single high-end gaming GPU — the most accessible hash-cracking hardware most attackers have. GPU cluster (1.6 trillion/sec): 8 RTX 4090s, the kind of setup professional pentesters and serious adversaries use. Cloud attack (20 trillion/sec): 100 cloud GPU instances rented for a focused attack — feasible for nation-state or well-resourced criminal operations. Quantum (theoretical, sqrt reduction): based on Grover's algorithm, treated as future-context — practical quantum cracking of real passwords does not exist yet.
Important caveat: hash speed assumptions. All crack times assume the attacker has the password hash and uses fast hash algorithms (NTLM, MD5, plain SHA-1). If the password is hashed with bcrypt, scrypt, Argon2, or PBKDF2 (slow hashes designed specifically to resist brute force), the actual crack time can be 100,000 times longer or more. Modern services use slow hashes; legacy systems and database leaks often use fast ones. The "worst case" assumption shown here is conservative — real-world attacks often face slower paths.
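The calculation described above, written out as an added example (not the calculator's own source): it applies the page's charset sizes, the four classical guess rates and the slow-hash multiplier, and reports Grover's speedup as halved bits. All function and constant names are assumptions, and the sample password is constructed.

```javascript
// Added example; function and constant names are assumptions, not the site's code.
// Guess rates (per second) are the classical tiers quoted on this page.
const TIERS = { cpu: 10e9, gpu: 200e9, gpuCluster: 1.6e12, cloud: 20e12 };

// Charset size from the classes present: 26, 52, 62 or 95, as the page states.
function charsetSize(pw) {
  let size = 0;
  if (/[a-z]/.test(pw)) size += 26;
  if (/[A-Z]/.test(pw)) size += 26;
  if (/[0-9]/.test(pw)) size += 10;
  if (/[^a-zA-Z0-9]/.test(pw)) size += 33; // printable ASCII symbols plus space
  return size;
}

// log2(charset_size ^ length), computed as length * log2(size) to avoid overflow.
// No pattern adjustment is applied here, so this is the theoretical maximum.
function entropyBits(pw) {
  const size = charsetSize(pw);
  return size === 0 ? 0 : pw.length * Math.log2(size);
}

// Seconds to exhaust the full search space. slowHashFactor models a slow hash
// (bcrypt, Argon2, ...) dividing the attacker's rate; 1 means a fast hash.
function crackSeconds(bits, rate, slowHashFactor = 1) {
  return Math.pow(2, bits - Math.log2(rate)) * slowHashFactor;
}

function humanize(seconds) {
  if (seconds < 1) return "under 1 second";
  const units = [["years", 31557600], ["days", 86400], ["hours", 3600],
                 ["minutes", 60], ["seconds", 1]];
  const [name, size] = units.find(([, s]) => seconds >= s);
  const n = seconds / size;
  return `${n >= 1e6 ? n.toExponential(1) : n.toFixed(1)} ${name}`;
}

// Per-tier estimate. Grover's square-root speedup is reported as halved bits,
// because the page gives no guess rate for the quantum tier.
function report(pw, slowHashFactor = 1) {
  const bits = entropyBits(pw);
  const out = { bits: Number(bits.toFixed(1)), groverBits: Number((bits / 2).toFixed(1)) };
  for (const [tier, rate] of Object.entries(TIERS)) {
    out[tier] = humanize(crackSeconds(bits, rate, slowHashFactor));
  }
  return out;
}

console.log(report("aB3$aB3$aB3$"));          // constructed 12-char, 4-class sample
console.log(report("aB3$aB3$aB3$", 100000));  // same password behind a slow hash
```

Run on "Welcome1!", `entropyBits` returns 59.1 bits even though the page grades that password F, which is why the raw formula has to be adjusted for detected patterns.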
Why patterns matter more than length. A 14-character password like "Password123!" gets penalised heavily because the structure is predictable: capitalised dictionary word + common digits + common symbol. A truly random 10-character password from your password manager often scores higher than a 14-character "memorable" password because no pattern reduces the search space. The calculator detects dictionary words (with leetspeak substitutions), keyboard walks (qwerty, asdfgh), repeated characters, and common years — and adjusts the effective entropy down accordingly.
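A sketch of the pattern detection listed above, as an added example rather than the calculator's own code: it reverses the leetspeak substitutions named on this page before the dictionary lookup, and flags keyboard walks, repeated characters and years. The word list, thresholds and function names are assumptions, and the page does not state how much entropy each finding removes, so the example only reports what it detects.

```javascript
// Added example; names, word list and thresholds are assumptions.
// Substitutions are the ones this page names: 4/@ -> a, 3 -> e, 0 -> o, $ -> s.
const LEET = { "4": "a", "@": "a", "3": "e", "0": "o", "$": "s" };
const WORDS = ["password", "welcome", "spring", "summer"]; // constructed sample list
const ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890"];

// Undo leetspeak so "P@ssw0rd" and "password" hit the same dictionary entry.
function deLeet(pw) {
  return pw.toLowerCase().replace(/[4@30$]/g, (c) => LEET[c]);
}

// True when any minLen-character window runs along a keyboard row, either direction.
function hasKeyboardWalk(pw, minLen = 4) {
  const s = pw.toLowerCase();
  for (const row of ROWS) {
    const rev = [...row].reverse().join("");
    for (let i = 0; i + minLen <= s.length; i++) {
      const chunk = s.slice(i, i + minLen);
      if (row.includes(chunk) || rev.includes(chunk)) return true;
    }
  }
  return false;
}

// Returns the list of detected weaknesses; an empty list means none were found.
function findWeaknesses(pw) {
  const found = [];
  const lower = pw.toLowerCase();
  const plain = deLeet(pw);
  for (const w of WORDS) {
    if (lower.includes(w)) { found.push(`dictionary:${w}`); break; }
    if (plain.includes(w)) { found.push(`leetspeak:${w}`); break; }
  }
  if (hasKeyboardWalk(pw)) found.push("keyboard-walk");
  if (/(.)\1{2,}/.test(pw)) found.push("repeated-chars");   // 3+ of the same character
  if (/(19|20)\d{2}/.test(pw)) found.push("common-year");   // years 1900-2099
  return found;
}

// Passwords quoted on this page, plus one constructed random string.
for (const pw of ["P@ssw0rd!", "Password123!", "Spring2024!", "x7#Qm2&vLp"]) {
  console.log(pw, findWeaknesses(pw));
}
```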
What this calculator does NOT check. It does not check whether your password has appeared in any data breach (use the Password Breach Checker for that; it uses HIBP's k-anonymity protocol and also keeps the password in your browser). A password can be theoretically strong (A+ grade here) but already breached and useless. Run both: this calculator for new passwords you are creating, the breach checker for passwords already in use.
Five real-world use cases
Testing a password manager master password
Your password manager's master password is the most security-critical password you have — it unlocks everything else. Test it here. If it scores below A+, regenerate it. The master password should be a 5-7 word random passphrase (not a sentence you constructed), which easily reaches an A+ grade while staying reasonably memorable.
Generating + verifying a strong password without sending to any server
You can generate a candidate password elsewhere (or have your password manager generate one) and paste it here to verify the strength claim. Since nothing leaves your browser, you can do this with real passwords you intend to actually use. Useful when you want to validate a password manager's "strong" rating against an independent calculation.
Educating non-security users about password strength
Have a non-security family member or colleague type their actual password and watch it score. Most people are shocked to see their "strong" password rated B or C. The visible crack-time numbers across hardware tiers make abstract security advice concrete in a way that no amount of "use stronger passwords" lecturing can match.
Comparing passphrase variants during password manager onboarding
Switching to a password manager? You need a strong memorable master password. Generate 3-5 candidate passphrases, test each here, pick the strongest one you can actually remember. The trade-off between strength and memorability becomes concrete with the live grading.
Validating company password policy in security training
If your organisation has a password policy ("8+ chars, must include symbol"), test policy-compliant passwords here. You will discover that policy-compliant does not mean strong — "Welcome1!" technically meets most policies and scores F here. Useful evidence when arguing for policy improvements: minimum length to 12+, allow long passphrases without complexity requirements, mandate password manager use for high-value accounts.
Common mistakes & edge cases
Assuming "complex" means "strong"
"P@ssw0rd!" has all four character classes, meets most complexity policies, and is one of the most-cracked passwords in existence. Complexity rules without length rules produce predictable patterns attackers know. Length and randomness matter; character classes matter much less than people think.
Thinking "I changed the e to 3" makes it strong
Leetspeak substitutions (a→4, e→3, o→0, s→$) are in every cracker's rule list. "P4ssw0rd" is checked at the same speed as "password" because the substitution rule is applied automatically. The calculator detects this; cracking tools do too. Substitutions buy you nothing.
Confusing this calculator with breach checking
The strength calculator tells you how strong a password would be against brute force. It does NOT tell you whether the password has already been leaked in a breach. A theoretically-strong password that appeared in a 2019 breach is useless — attackers already have it. Run both checks: strength for new passwords, breach for existing ones.
Reusing an A+ password across multiple accounts
Even an A+ password is dangerous if you reuse it. One breach of any service exposes the password; credential stuffing then tries it everywhere. Strength does not compensate for reuse. Every account needs its own unique password — which is only realistically achievable with a password manager.
Treating the quantum tier as current threat
Practical quantum computers capable of cracking real passwords do not exist yet. The quantum column shows theoretical future capability based on Grover's algorithm. Adequate quantum-resistant security exists today (256+ bit symmetric keys, post-quantum key exchange protocols). For password security specifically: ignore the quantum number for current-day decisions, but factor it in when designing 20+ year secrets like long-term encryption keys.
Manually rotating passwords on a schedule
Old security advice ("change passwords every 90 days") was wrong and is now explicitly contradicted by current NIST guidance. Forced rotation creates predictable patterns ("Spring2024!", "Summer2024!") that are weaker than stable strong passwords. Only rotate passwords when there is evidence of compromise — breach disclosure, suspicious activity, device theft. Stable strong-and-unique beats rotated and predictable.
Frequently Asked Questions
Yes. The calculator is 100% client-side — your typed password never leaves your browser, never touches any server, never gets logged anywhere. The grade, entropy, and crack-time numbers are all computed in JavaScript on your device. You can verify this by opening browser dev tools and watching the network tab as you type — no requests are made. That said, normal security hygiene applies: do not type passwords on shared computers or while screen-sharing.
Entropy is calculated as log2(charset_size ^ length) bits, adjusted for detected weaknesses (dictionary words, repeated characters, common patterns like keyboard walks). Charset size depends on which character classes appear: 26 for lowercase only, 52 for mixed case, 62 with digits, 95 with symbols. A 12-character password using all 4 classes has theoretical max entropy of 78.8 bits. Real entropy is usually lower because passwords are not uniformly random.
Each hardware tier shows the time to brute-force search the password's entropy space at that hardware's guess rate. Standard CPU: 10 billion guesses/sec (Intel i7 with optimised hashcat for fast hash). RTX 4090 GPU: 200 billion/sec (single high-end gaming GPU). 8x GPU cluster: 1.6 trillion/sec. Cloud cluster: 20 trillion/sec (100 cloud instances). Quantum: theoretical sqrt() reduction via Grover's algorithm for symmetric crypto. All numbers assume the attacker has the password hash and uses fast hash algorithms (NTLM, MD5). Slow hashes (bcrypt, Argon2) take dramatically longer — sometimes 100,000x or more.
Length alone does not determine strength. Common patterns get penalised: dictionary words (even with substitutions like @ for a), keyboard walks (qwerty, asdfgh), repeated characters, common years, common phrases, leetspeak versions of common passwords. A 14-character "Password123!" is still weak because the structure is predictable. A 14-character random string of the same length is dramatically stronger because no pattern reduces the search space.
For personal accounts: B or higher is acceptable, A is good. For high-value accounts (email, banking, password manager master, SSH keys): aim for A+ — meaning 80+ bits of entropy with no detected patterns. Random passphrases generated by your password manager easily hit A+. Memorable passwords usually max out around B unless you specifically construct them with random word-strings.
Different but complementary. The Breach Checker tells you whether a specific password has been seen in any publicly-disclosed breach (uses HIBP's k-anonymity protocol — your actual password never leaves the browser). The Strength Calculator tells you how strong a password is theoretically against brute-force attacks. A password can be strong (A+ grade) and still be breached if it has appeared in a leak. Use both: Strength Calculator for new passwords, Breach Checker to verify existing passwords are not already exposed.
Yes — but understand they are heuristics, not guarantees. Adding length is the highest-impact improvement (each character adds significant entropy). Adding character classes helps but is overrated by most checkers. Removing detectable patterns (dictionary words, common substitutions, keyboard walks) is essential. The single best practice: use a password manager to generate truly random passwords for every account. Manual passwords always have hidden patterns.
Theoretical only. Practical quantum computers capable of cracking real passwords do not exist yet. Grover's algorithm provides a square-root speedup for symmetric-crypto brute force, which is what the quantum tier shows. For password hashes specifically, the practical impact is "halve the effective entropy bits" — so a 128-bit entropy password becomes effectively 64-bit against quantum brute force. Adequate quantum-resistant security requires 256+ bits of entropy. Treat the quantum tier as future-context, not current threat.
Because gibberish maximises entropy per character. A 16-character random password has more entropy than a 25-character memorable one in most cases. The trade-off: you cannot remember the random one, so you must use the password manager to fill it. That is the design — you remember the manager's master password (which should be a memorable strong passphrase generated by the manager itself or constructed carefully), and the manager handles every other password. Manual memorisation does not scale to dozens of accounts.
A passphrase is a sequence of random words: "correct horse battery staple" (the famous xkcd example). Passphrases are easier to remember than random character strings of equivalent entropy and are recommended by NIST current guidance. A 5-word random passphrase from a 7,776-word list (like Diceware) has ~64 bits of entropy — comparable to a 10-character random password but much more memorable. Use passphrases for passwords you must remember (your password manager master); use random character strings for passwords your manager handles.