Password Strength Checker – How Strong Is Your Password?
The Password Strength Checker instantly analyzes any password for length, character variety, common patterns, and whether it appears in a list of the most-used passwords. It shows a score out of 100, an estimated crack time based on a 10-billion-guesses-per-second attack, and specific suggestions to improve your password. Everything runs locally — your password never leaves your browser.
How to Check Your Password Strength
- 01
Type or paste your password
Enter any password in the input field. The strength analysis updates instantly as you type. Use the eye icon to show or hide the characters.
- 02
Read the analysis
See your score out of 100, the strength level (Very Weak to Very Strong), estimated crack time, and a detailed checklist of which criteria your password meets.
- 03
Improve or generate
Follow the suggestions to strengthen your password, or click "Generate strong password" to instantly create and copy a 16-character secure password.
Features
- ✓Instant real-time strength analysis
- ✓Score out of 100 with 5 strength levels
- ✓Estimated crack time (brute-force, 10B guesses/sec)
- ✓8-point checklist: length, case, numbers, symbols, patterns
- ✓Common password detection (instantly scores to 0)
- ✓Actionable improvement suggestions
- ✓Secure password generator using Web Crypto API
- ✓Show/hide password toggle
- ✓Copy to clipboard button
- ✓100% browser-based — password never leaves your device
Frequently Asked Questions
Is my password sent to a server?
No. The password strength checker runs entirely in your browser using JavaScript. Your password is never sent to any server, never stored, and disappears the moment you close or refresh the page.
How is the strength score calculated?
The score (0–100) is based on multiple factors: length (8+ chars adds 10 points, 12+ adds 15 more), character variety (uppercase, lowercase, numbers, symbols each add points), absence of common patterns like "123" or "qwerty", no repeated characters, and whether the password appears in a list of the 20 most commonly used passwords (which instantly sets the score to 0).
How accurate is the crack time estimate?
The estimate is calculated as charset_size^password_length / 10,000,000,000 (10 billion guesses per second, representing a modern GPU cracking rig). It assumes a brute-force attack against the raw password. Real-world crack times vary significantly based on attack method (dictionary, hybrid, targeted), hashing algorithm, and whether the attacker knows anything about your password patterns.
What makes a password "Very Strong"?
A Very Strong password scores 75 or higher. Typically this means: at least 12 characters (16+ is best), a mix of uppercase letters, lowercase letters, numbers, and symbols, no dictionary words or common patterns, and no repeated character sequences. The generated password always meets these criteria.
How does the password generator work?
The generator uses the Web Crypto API (crypto.getRandomValues) to create a cryptographically random 16-character password with guaranteed uppercase, lowercase, number, and symbol characters. The characters are then shuffled randomly. It's automatically copied to your clipboard and shown in the input field for review.