The Quick Answer
Password strength is measured by entropy — the number of bits of randomness in a password. More entropy means exponentially more guesses required to crack it.
A truly random 12-character password using uppercase, lowercase, digits, and symbols has roughly 79 bits of entropy and would take billions of years to brute-force at 1 billion guesses per second.
Length matters more than complexity. A random 16-character lowercase password (~75 bits) is stronger than a random 8-character password with all character types (~52 bits).
What Is Password Entropy?
Entropy measures how unpredictable a password is. It answers the question: if an attacker tries every possible combination, how many attempts would they need?
The formula for a randomly generated password is:
entropy (bits) = length × log₂(charset size)
Where charset size is the number of possible characters:
| Character Set | Size | Entropy per Character |
|---|---|---|
| Lowercase only (a-z) | 26 | 4.7 bits |
| Mixed case (a-z, A-Z) | 52 | 5.7 bits |
| Mixed case + digits | 62 | 6.0 bits |
| Mixed case + digits + symbols | 94 | 6.6 bits |
Each additional bit of entropy doubles the number of possible passwords. A 60-bit password has 2× as many combinations as a 59-bit password.
How Crack Time Is Estimated
Crack time depends on:
- The number of possible combinations (2^entropy)
- Attack speed (guesses per second)
- Attack method (brute force, dictionary, or hybrid)
Modern GPUs can compute approximately 1 billion password hashes per second for common algorithms like MD5. More secure hashing algorithms (bcrypt, Argon2) are intentionally slower, reducing this to thousands or tens of thousands of guesses per second.
Brute-Force Time at 1 Billion Guesses/Second
| Entropy (bits) | Combinations | Average Crack Time |
|---|---|---|
| 30 | ~1 billion | ~0.5 seconds |
| 40 | ~1 trillion | ~9 minutes |
| 50 | ~1 quadrillion | ~6.5 days |
| 60 | ~1.15 × 10¹⁸ | ~18 years |
| 70 | ~1.18 × 10²¹ | ~18,800 years |
| 80 | ~1.21 × 10²⁴ | ~19 million years |
| 100 | ~1.27 × 10³⁰ | ~20 trillion years |
The jump from 40 to 60 bits is the difference between 9 minutes and 18 years. That's the power of exponential growth.
Why Length Beats Complexity
A common misconception: adding symbols makes a password dramatically stronger. It helps, but length has a larger effect.
Compare these two passwords:
kR#9xQ$2— 8 characters, all types → ~52.4 bitstmberknackplume— 15 lowercase characters → ~70.5 bits
The longer lowercase password is about 250,000 times harder to brute-force than the shorter complex one.
This does not mean complexity is useless. The strongest approach combines length and diversity. But if you have to choose, choose length.
The Problem with "Common" Passwords
Entropy calculations assume a truly random password. Most human-chosen passwords are not random:
- Dictionary words ("sunshine", "dragon") appear in password lists
- Predictable substitutions ("P@ssw0rd", "h3llo") are well-known to attackers
- Keyboard patterns ("qwerty", "123456") are tried first
- Personal information (names, dates) can be researched
Attackers do not start with brute force. They start with:
- Lists of billions of leaked passwords
- Dictionaries with common words and variations
- Rules-based mutations (capitalize first letter, add "!" at end, substitute "a" → "@")
A password like Summer2025! technically uses four character types, but it follows such a common pattern that it would likely be cracked in seconds through a dictionary attack.
Passphrases: The Practical Alternative
A passphrase is a sequence of randomly chosen words. The idea was popularized by the XKCD "correct horse battery staple" comic and the Diceware method.
How Passphrase Entropy Works
Instead of characters, the "charset" is the word list. With a 7,776-word list (standard Diceware):
| Words | Entropy | Example |
|---|---|---|
| 3 | ~38.8 bits | "timer lens graft" |
| 4 | ~51.7 bits | "correct horse battery staple" |
| 5 | ~64.6 bits | "timber knack plume oyster crank" |
| 6 | ~77.5 bits | "fickle frown rebate plaza onset ivory" |
A 5-word passphrase provides solid protection for most purposes. For high-value accounts, use 6 words.
Rules for Strong Passphrases
- Words must be randomly selected. Not a sentence you composed. Use dice or a random generator.
- Avoid famous phrases. "to be or not to be" is in every dictionary.
- Consider adding a symbol or number between words for extra entropy without much memorization cost.
What Makes a Password "Strong Enough"?
There is no single answer — it depends on the threat model:
| Use Case | Recommended Entropy | Example |
|---|---|---|
| Low-value accounts (forums) | 40+ bits | 8-char mixed or 3-word passphrase |
| Standard accounts (email, social) | 60+ bits | 12-char mixed or 5-word passphrase |
| High-value accounts (banking) | 80+ bits | 16-char mixed or 6-word passphrase |
| Master password (password manager) | 80+ bits | 6-word passphrase you can memorize |
| Encryption keys | 128+ bits | 20+ random chars or 10+ word passphrase |
These assume the password is truly random. If it contains any predictable pattern, effective entropy is lower.
Password Managers: The Practical Solution
Remembering a unique random password for every account is impractical without help. A password manager:
- Generates strong random passwords automatically
- Stores them encrypted behind one master password
- Fills them on login, so you never type them
- Eliminates reuse — the single biggest password vulnerability
You only need to memorize one strong master passphrase. Everything else is handled.
Common Mistakes to Avoid
- Reusing passwords across accounts. One breach exposes all accounts with that password.
- Incrementing passwords. "Password1", "Password2", "Password3" — attackers know this pattern.
- Storing passwords in plain text. A sticky note or unencrypted text file is not secure.
- Relying solely on complexity rules. "Tr0ub4dor&3" meets most complexity requirements but has only ~28 bits of effective entropy due to its predictable structure.
- Ignoring two-factor authentication. Even a strong password can be phished. A second factor (app-based, not SMS when possible) adds a critical layer.
Testing Your Passwords
Use a password strength checker to see the entropy and estimated crack time of your passwords. Keep in mind:
- The tool measures theoretical strength assuming randomness
- Dictionary words and patterns reduce real-world strength below the entropy estimate
- A "strong" rating means resistant to brute force, not resistant to phishing or social engineering
Password Strength Checker
Analyze entropy, crack time, and character diversity of any password. Runs entirely in your browser.
Check Password StrengthKey Takeaways
- Entropy = length × log₂(charset size). More bits = exponentially harder to crack.
- Length matters more than complexity. A long password with fewer character types often beats a short complex one.
- Random is essential. Human-chosen patterns are predictable. Use a generator.
- Use a password manager. One strong master passphrase + unique random passwords for everything else.
- Enable two-factor authentication. Passwords alone are not enough for important accounts.
Related Tools
- Password Strength Checker — Analyze entropy and crack time estimates
- Password Generator — Generate random secure passwords
- Hash Generator — See how passwords are hashed with MD5, SHA-256, SHA-512