How strong is your password?
Paste any password for an instant analysis: entropy in bits, estimated crack time, a 7-point DNA quality audit, and specific improvement suggestions.
Understanding password strength
What is entropy and why does it matter?
Entropy measures how unpredictable a password is, expressed in bits. A password with 60 bits of entropy requires 2^60 guesses to crack by brute force — about 1.1 quintillion attempts. Every additional character of random selection roughly doubles the entropy.
What crack time estimates are based on?
Estimates assume a dedicated attacker using a modern GPU cluster capable of approximately 10 billion guesses per second — the realistic threat model for offline attacks on stolen credential databases. Online attacks are limited to a few thousand per second by rate limiting.
Why might a long password still score poorly?
Length alone is not enough if the characters are predictable. 'aaaaaaaaaaaaaaaa' is 16 characters but has near-zero entropy because it contains only one character. Good passwords combine length with genuine randomness across multiple character classes.
What is the DNA Score?
PassGeni's proprietary 7-point quality audit. It checks length thresholds (12+ and 16+ characters), presence of uppercase, lowercase, numbers, and symbols, and absence of triple-repeat patterns. Each check is weighted by security impact and combined into a 0–100 score graded A+ to C.
"Strength Checker gave me actual data — entropy in bits, crack time, specific improvements. Not just a red/green bar. That's useful feedback."
"The DNA Score caught a pattern I missed. My router admin password had 3 repeated characters. The check flagged it. Never would have noticed otherwise."
"I use the DNA Score in client security training. It flags specific weaknesses — low entropy, no symbols, repeated chars — in plain language everyone understands."
Now generate a stronger password.
Free, client-side, zero storage. Uses your profession to make it memorable.
Generate my password →