Password strength lab
Most strength meters are a black box. This one shows its work: the entropy math, the patterns an attacker exploits, and what they mean in real cracking time. Everything runs locally — the password never leaves this page.
How it works
The analyser starts from the brute-force ceiling: a password of length L drawn from a character pool of size P has at most L × log₂(P) bits of entropy, and reaches that ceiling only when every character is chosen uniformly at random. Real attackers rarely brute-force blindly, though — they run ordered wordlists and mangling rules first and fall back to exhaustive search only for whatever is left. So the model hunts for the same structure those rules exploit: top-guessed passwords (with l33t substitutions normalised away), dictionary words, keyboard walks, ascending or descending sequences, repeats, and years. Each finding replaces its share of the naive entropy with what the pattern actually costs an informed attacker — a year is worth ~7 bits, not the ~13 its four digits suggest (log₂ 10⁴ ≈ 13.3), because there are only about 130 plausible ones (log₂ 130 ≈ 7.0).
The crack-time table converts the resulting guess count into wall-clock time under four explicit attacker profiles, from a rate-limited login form (~10 guesses/s) to an offline GPU rig against fast unsalted hashes (~10¹² guesses/s). The figures are order-of-magnitude estimates on purpose: the spread between the rows — not the precision of any one number — is what should inform how strong a password needs to be.
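A miniature version of the two steps above, written as an added example for this page rather than the lab's own code: it computes the brute-force ceiling, finds year, dictionary (l33t-normalised), sequence, keyboard-walk and repeat patterns, picks the cheapest non-overlapping cover of the password so that each pattern replaces its share of the naive entropy, and converts the resulting guess count into a four-row crack-time table. The wordlist, l33t map, per-pattern costs, the two middle attacker rates and the function names (poolSize, findMatches, estimate, crackTimes) are illustrative choices for this example, not the lab's.

```javascript
// Added example (not the lab's own code): a miniature pattern-aware entropy
// model plus the crack-time table. Wordlist, l33t map, per-pattern costs and
// attacker rates are illustrative constants chosen for this example.

// Tiny stand-in for the embedded wordlists, ordered by guess rank (constructed).
const RANKED = ['password', '123456', 'qwerty', 'letmein', 'dragon', 'monkey',
                'summer', 'welcome', 'football', 'secret'];
const L33T = { '0': 'o', '1': 'i', '3': 'e', '4': 'a', '5': 's', '7': 't', '@': 'a', '$': 's' };
// Ordered alphabets: a run of 3+ characters along one of these (or its reverse)
// is an ascending/descending sequence or a keyboard walk.
const ALPHABETS = [
  ['sequence', 'abcdefghijklmnopqrstuvwxyz'],
  ['sequence', '0123456789'],
  ['keyboard', 'qwertyuiop'],
  ['keyboard', 'asdfghjkl'],
  ['keyboard', 'zxcvbnm'],
].map(([kind, a]) => ({ kind, fwd: a, rev: [...a].reverse().join('') }));

// Brute-force ceiling: pool size P implied by the character classes present.
function poolSize(pw) {
  let p = 0;
  if (/[a-z]/.test(pw)) p += 26;
  if (/[A-Z]/.test(pw)) p += 26;
  if (/[0-9]/.test(pw)) p += 10;
  if (/[^a-zA-Z0-9]/.test(pw)) p += 33;   // printable ASCII symbols
  return p;
}

function normaliseLeet(s) {
  let subs = 0, out = '';
  for (const ch of s.toLowerCase()) {
    if (ch in L33T) { out += L33T[ch]; subs++; } else out += ch;
  }
  return { word: out, subs };
}

// Every substring of length >= 3 that a mangling rule reproduces cheaply, with
// the bits an informed attacker actually pays for it.
function findMatches(pw) {
  const found = [];
  for (let i = 0; i < pw.length; i++) {
    for (let j = i + 3; j <= pw.length; j++) {
      const tok = pw.slice(i, j);
      // Year: ~130 plausible values (1900-2029), so log2(130) ~ 7 bits, not 13.
      if (tok.length === 4 && /^\d{4}$/.test(tok) && tok >= '1900' && tok <= '2029')
        found.push({ i, j, kind: 'year', bits: Math.log2(130) });
      // Top-guessed / dictionary word after l33t normalisation: log2(rank), plus
      // 1 bit per substitution and 1 for a capital (the rules must try variants).
      const { word, subs } = normaliseLeet(tok);
      const rank = RANKED.indexOf(word) + 1;
      if (rank > 0)
        found.push({ i, j, kind: 'dictionary', bits: Math.log2(rank) + subs + (/[A-Z]/.test(tok) ? 1 : 0) });
      // Sequence / keyboard walk: choose a start (|alphabet|), a direction (1 bit), a length.
      const low = tok.toLowerCase();
      for (const a of ALPHABETS)
        if (a.fwd.includes(low) || a.rev.includes(low))
          found.push({ i, j, kind: a.kind, bits: Math.log2(a.fwd.length) + 1 + Math.log2(tok.length) });
      // Repeat: choose the character, then how many times.
      if (/^(.)\1+$/.test(tok))
        found.push({ i, j, kind: 'repeat', bits: Math.log2(poolSize(tok)) + Math.log2(tok.length) });
    }
  }
  return found;
}

// Cheapest non-overlapping cover of the password: each position is either a
// literal character at its brute-force share, or part of one matched pattern.
function estimate(pw) {
  const n = pw.length;
  const charBits = n ? Math.log2(poolSize(pw)) : 0;
  const best = Array(n + 1).fill(Infinity), via = Array(n + 1).fill(null);
  best[0] = 0;
  const matches = findMatches(pw);
  for (let j = 1; j <= n; j++) {
    best[j] = best[j - 1] + charBits;
    via[j] = { i: j - 1, j, kind: 'char', bits: charBits };
    for (const m of matches)
      if (m.j === j && best[m.i] + m.bits < best[j]) { best[j] = best[m.i] + m.bits; via[j] = m; }
  }
  const parts = [];
  for (let j = n; j > 0; j = via[j].i)
    parts.unshift({ token: pw.slice(via[j].i, j), kind: via[j].kind, bits: via[j].bits });
  return { naiveBits: n * charBits, bits: best[n], guesses: 2 ** best[n], parts };
}

// Four attacker profiles in guesses/s. The two end points are the rates the
// text gives; the middle two are assumptions for this example.
const PROFILES = [
  ['online, rate-limited login form', 1e1],
  ['online, unthrottled', 1e4],
  ['offline, slow salted KDF (bcrypt / Argon2)', 1e5],
  ['offline, fast unsalted hash on a GPU rig', 1e12],
];

function humanTime(s) {
  if (s < 1) return 'instant';
  for (const [name, size] of [['years', 31557600], ['days', 86400], ['hours', 3600], ['minutes', 60], ['seconds', 1]])
    if (s >= size) return `${(s / size).toPrecision(2)} ${name}`;
}

function crackTimes(guesses) {
  return PROFILES.map(([profile, rate]) => ({ profile, rate, seconds: guesses / rate, human: humanTime(guesses / rate) }));
}

// Usage: node this_file.js
const r = estimate('P4ssw0rd2019');
console.log(`${r.naiveBits.toFixed(1)} naive bits -> ${r.bits.toFixed(1)} bits`, r.parts);
console.table(crackTimes(r.guesses));
```

For P4ssw0rd2019 the naive ceiling is 12 × log₂(62) ≈ 71 bits, but the cover is "password" at rank 1 with two substitutions and a capital (3 bits) followed by a year (log₂ 130 bits), about 1040 guesses in total, which the rate-limited row turns into minutes and the GPU row into nothing. Adjacent literal characters could be merged into one part for display; the dynamic programme does not need that.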
The optional breach check queries the Have I Been Pwned corpus using k-anonymity: the password is SHA-1 hashed locally and only the first five hex characters of the hash (20 of its 160 bits) are sent. The API returns every suffix in that bucket together with its breach count, and the comparison happens in your browser, so neither the password nor enough of its hash to identify it ever leaves the page. This mirrors the guidance in NIST SP 800-63B: check candidate passwords against known-breached corpora, and prefer length over composition rules.
Honest limitations: the embedded dictionaries are deliberately small (a real cracker carries tens of millions of entries), there is no personal-context modelling (names, birthdays, usernames), and no Markov or neural guessing model. Treat a strong verdict here as necessary, not sufficient — and use a password manager either way.