Instantly check your password strength and estimate its crack time, or generate a strong, memorable passphrase — all processing is local in your browser, your password is never sent to any server.
crypto.getRandomValues) for true randomness. Multi-word passphrases are longer, easier to remember, and harder to crack than short complex passwords.
Entropy measures unpredictability in bits. Each additional bit doubles the number of possible combinations. A password with 60+ bits of entropy is considered very strong against modern brute-force attacks.
We estimate crack time assuming an attacker tries 10 billion guesses per second (modern GPU attack). Numbers are approximate and vary depending on the hashing algorithm and storage method used.
Use a unique password for every account, enable two-factor authentication, and avoid personal information or common words. A passphrase of 4 random words is an excellent choice.