The password entropy calculator measures how hard a password is to guess by working out its entropy in bits, the standard way security professionals describe strength. Entropy depends on two things, how long the password is and how large the pool of possible characters is, so a long password drawn from a mix of cases, digits and symbols scores far higher than a short word. The tool inspects your password, counts which character types it uses, lowercase, uppercase, digits and symbols, and adds up the size of that combined pool. It then multiplies the length by the base two logarithm of the pool size to give the entropy in bits, where each extra bit doubles the number of guesses an attacker would need. Alongside the bit count you get a plain strength rating and a rough estimate of how long a fast offline attack at ten billion guesses a second would take on average, which turns an abstract number into something you can feel. Anyone choosing a password for email, banking or a work login can use it to sanity check a choice before committing to it. A few habits make a real difference. Favour length over complexity, because adding characters raises entropy faster than swapping a letter for a symbol. Use a passphrase of several unrelated words, or let a password manager generate a long random string. Never reuse a strong password across sites, since one breach then exposes them all. This tool runs entirely in your browser and the password you type is never sent anywhere, but you should still avoid pasting a real password you currently use into any website.
Entropy = length x log2(character pool size). Crack time assumes ten billion guesses a second, on average. Rough guide only, not a security guarantee.
The tool counts how many character types your password uses and adds their sizes to get the pool, where lowercase and uppercase are 26 each, digits are 10 and symbols are 33. It multiplies the password length by the base two logarithm of that pool to get the entropy in bits, then converts the bits into an average crack time at ten billion guesses a second.
The password Tr0ub4dour has 10 characters using lowercase, uppercase and digits, a pool of 62. Ten times log2 of 62 is about 59.5 bits, which rates as Reasonable, and the average crack time works out near 1 year.
If you've found a bug, or would like to contact us, or learn more about James Graham and Calculate.co.nz.
Calculate.co.nz is partnered with Interest.co.nz for New Zealand's highest quality calculators and financial analysis.
All calculators and tools are provided for educational and indicative purposes only and do not constitute financial advice.
Calculate.co.nz is proudly part of the Realtor.co.nz group, New Zealand's leading property transaction literacy platform, helping Kiwis understand the home buying and selling process from start to finish. Whether you're a first home buyer navigating your first property purchase, an investor evaluating your next acquisition, or a homeowner planning to sell, Realtor.co.nz provides clear, independent, and trustworthy guidance on every step of the New Zealand property transaction journey.
Calculate.co.nz is also partnered with Health Based Building and Premium Homes to promote informed choices that lead to better long-term outcomes for Kiwi households.
Calculate.co.nz is hosted in Auckland via SiteHost new Zealand.
All content on this website, including calculators, tools, source code, and design, is protected under the Copyright Act 1994 (New Zealand). No part of this site may be reproduced, copied, distributed, stored, or used in any form without prior written permission from the owner.
© 2019 to 2026 Calculate.co.nz. All rights reserved.