Password Strength Checker

Link copied

Test how strong a password really is, entirely in your browser. Type or paste a password and instantly see an entropy estimate, a five-tier strength rating, the character classes it uses, and a rough offline crack-time. The checker goes beyond counting character types: it flags common leaked passwords, dictionary words, sequential runs like “1234”, repeated characters, repeated patterns, keyboard walks like “qwerty”, and embedded years, then discounts the score for that predictable structure. You also get specific, actionable suggestions for making it stronger. Nothing is ever sent to a server, logged, or stored, so it is safe to test real passwords. Pair it with the Password Generator to create a strong one. Free, fast, and private.

Checked entirely in your browser. Your password is never sent anywhere, logged, or stored.

How to use

Type or paste a password into the box — use Show to reveal it while you check. The strength meter, estimated entropy in bits, alphabet size, and crack-time update as you type. Review the Weaknesses found section for predictable patterns and the How to improve it section for concrete fixes, then adjust your password until the rating reaches Strong or Very strong.

Frequently asked questions

Is my password sent anywhere?
No. The entire analysis runs locally in JavaScript in your browser — your password is never transmitted to a server, logged, or stored. That makes it safe to test passwords you actually use. As always, only enter a password on a site you trust.
How is the strength estimated?
The checker computes a baseline entropy from the password's length and the size of the character set it draws from, then reduces that estimate when it detects predictable structure — common passwords, dictionary words, sequences, repeats, keyboard patterns, and years. The result is mapped to five tiers (very weak to very strong) and a rough crack-time assuming a fast offline attacker. It is a heuristic guide, not a guarantee.
What makes a password strong?
Length matters most: aim for at least 12–16 characters. Mixing lowercase, uppercase, digits, and symbols increases the alphabet an attacker must search, and avoiding common words, sequences, and keyboard patterns removes easy shortcuts. A long passphrase of several unrelated words is both strong and easy to remember. For truly random passwords, use a generator and a password manager.