See how strong a password really is. This estimates its entropy and rough time-to-crack, and tells you exactly how to improve it — all locally in your browser. Nothing is sent or stored.
Runs locally — nothing is sent or stored.
Strength here is based on entropy — roughly, how many guesses an attacker would need. It grows with both length and the variety of characters. A short password with symbols is still weak; a long one is exponentially stronger. The crack-time estimate assumes fast offline guessing, so treat 'centuries' as comfortable and anything under 'years' as risky for important accounts. And never reuse a strong password across sites.
Yes — the check runs entirely in your browser. Your password is never transmitted, logged or stored; it disappears when you close the tab. Still, avoid testing your exact live passwords anywhere as a habit.
Entropy estimates how unpredictable a password is, in bits. More length and a wider mix of character types means higher entropy and exponentially more guesses to crack.
At least 16 characters, ideally 20+ for important accounts. Length matters more than swapping a few letters for symbols, though mixing character types helps too.
Not in your head or a notepad. A password manager like Passpack stores and fills them securely, and adds encrypted shared vaults for teams — so you only remember one master password.
This tool is free and runs entirely in your browser. The link above is an affiliate link: we may earn a commission if you sign up, at no extra cost to you, and it never changes our honest take.