How many bits of entropy is enough in 2026?
NIST SP 800-63B retired complexity rules, so focus on length. Aim for 60 to 80 bits for ordinary web accounts, 128 bits for encryption keys, and 256 bits if you want margin against future quantum attacks.
Does using symbols always strengthen a password?
Only slightly. Doubling the password length adds far more entropy than adding a special character. Length dominates the entropy formula.
Why are passphrases stronger than complex short passwords?
A four-word random passphrase from a 7,000-word list has ~50 bits of entropy and is easier to type. A short 'complex' password has fewer characters and is often more predictable.
How does an attacker calculate crack time?
Crack time ≈ search space / guess rate, where search space = charset^length. Guess rate varies by attack: 1 million guesses per second for online attacks, 1 billion per second for offline GPU cracking, and 1 trillion per second for nation-state hardware.
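The formulas from the answers above, worked through as an added example (not code from this page): it compares widening the charset with doubling the length, and applies the three guess rates quoted here. The 62- and 94-symbol charset sizes and the candidate list are assumptions made for illustration, and the numbers hold only for secrets chosen uniformly at random.

```python
import math

# Guess rates quoted on this page, in guesses per second.
GUESS_RATES = {"online": 1e6, "GPU offline": 1e9, "nation-state": 1e12}

def entropy_bits(symbols: int, length: int) -> float:
    """Entropy of `length` picks made uniformly at random from `symbols` choices."""
    if symbols < 2 or length < 1:
        raise ValueError("need at least 2 symbols and length >= 1")
    return length * math.log2(symbols)

def crack_seconds(bits: float, rate: float) -> float:
    """The page's formula: search space / guess rate (full exhaustive search)."""
    return 2.0 ** bits / rate

def min_length(symbols: int, target_bits: float) -> int:
    """Smallest number of random picks that reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(symbols))

def humanize(seconds: float) -> str:
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", 31_557_600), ("days", 86_400),
                       ("hours", 3_600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.3g} seconds"

# Constructed candidates; the charset sizes are assumptions
# (62 = letters+digits, 94 = printable ASCII without space).
CANDIDATES = [
    ("8 chars, letters+digits", 62, 8),
    ("8 chars, plus symbols", 94, 8),
    ("16 chars, letters+digits", 62, 16),
    ("4 words, 7,000-word list", 7000, 4),
]

if __name__ == "__main__":
    for label, symbols, length in CANDIDATES:
        bits = entropy_bits(symbols, length)
        times = ", ".join(f"{name}: {humanize(crack_seconds(bits, rate))}"
                          for name, rate in GUESS_RATES.items())
        print(f"{label:26} {bits:5.1f} bits  {times}")
    for symbols in (62, 94, 7000):
        print(f"{symbols} symbols: {min_length(symbols, 80)} picks for 80 bits")
```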