ZeroUtil

Password Entropy Calculator

Estimate password entropy, character pool size and crack-time ranges for online and offline attacks.

Maintained by

0
Length
0
Pool Size
0 bits
Entropy
Empty
Strength
instant
Online, 100/sec
instant
Fast hash, 100B/sec
instant
Slow hash, 100K/sec
Detected character sets
None yet

How to estimate password entropy

  1. Type or paste a password into the field. The estimate updates locally as you type.
  2. Review the entropy bits. Higher bit counts mean a larger theoretical search space for brute-force guessing.
  3. Compare crack-time models. Online attacks, fast offline hashes and slow password hashes have very different risk levels.
  4. Read the warnings. Repeated characters, common words and short passwords reduce practical security even when the math looks acceptable.

What this calculator measures

The tool estimates entropy from password length and detected character pools: lowercase, uppercase, numbers and symbols. It also flags patterns that make human-generated passwords weaker than random strings with the same length.

When to use it

Use it when comparing passphrases, explaining password policy trade-offs, auditing old credentials or deciding whether a generated password is long enough for a sensitive account.

Important limitations

Entropy estimates are not breach checks. A password can score well and still be unsafe if it has appeared in a leak, was reused, or follows a personal pattern an attacker can guess.

Frequently Asked Questions

Does this upload my password?

No. The calculation runs in your browser from the text you type. The tool does not need a network request to estimate entropy or show crack-time models.

Is entropy the same as real password strength?

Not exactly. Entropy is a useful mathematical estimate, but real attackers use breached-password lists, dictionaries and transformation rules that reduce the strength of human-created passwords.

How many entropy bits should I target?

For most accounts, 60 to 80 bits is a reasonable minimum. For long-term secrets, admin accounts or encryption passphrases, prefer 80+ bits and generate the value with a password manager.

More Security & Privacy

Password Generator

Generate cryptographically secure random passwords with configurable length, character types and entropy display.

Open tool

Password Strength Checker

Check password strength with entropy calculation, pattern detection and common password matching.

Open tool

Security Hash Generator

Generate SHA-1, SHA-256, SHA-384 and SHA-512 hashes from text or files using the Web Crypto API.

Open tool

TOTP Generator

Generate time-based one-time passwords (TOTP) from a base32 secret with live 30-second countdown.

Open tool

CSP Header Generator

Build Content-Security-Policy headers with a visual form, presets and per-directive configuration.

Open tool

Basic Auth Header Generator

Create HTTP Basic Authentication headers from a username and password or API token.

Open tool