Real-time strength analysis — nothing is ever sent anywhere
Generator
How password security works
Why length beats complexity
Password rules that say “must contain uppercase, a number, and a symbol” came from 2003 guidance that has since been officially reversed by the U.S. government’s cybersecurity agency. The new consensus is simpler: length matters most. Every character you add doesn’t just increase combinations a little — it multiplies them. A 20-character phrase of common words is significantly stronger than an 8-character “P@ssw0rd” with all the boxes checked.
Password entropy is H = L × log₂(N), where L is length and N is charset size. NIST SP 800-63B (2017, revised 2023) explicitly removed mandatory complexity rules, instead recommending ≥8 characters minimum with ≥15 preferred. Adding one character to a 95-character-set password multiplies the search space by 95 (≈6.6 bits). Upgrading from 3-of-4 character types to 4-of-4 adds a fixed bonus — less entropy than a single extra character at lengths above 8.
How passwords actually get cracked
Attackers don’t try every combination randomly — they’re much more efficient than that. They start with lists of billions of already-leaked passwords, then try predictable variations like swapping “a” for “@” or adding “123” at the end. If your password is on those lists, it doesn’t matter how clever you think it is. Only after exhausting those options do attackers resort to brute force — and modern hardware can test billions of guesses per second.
Attack order by efficiency: (1) credential stuffing from breach dumps; (2) dictionary + rule mutations (leet substitutions, append-digit, capitalize-first); (3) pattern matching (keyboard walks, sequential runs, date patterns); (4) Markov-chain models trained on real password corpora; (5) raw brute force. An RTX 4090-class GPU tests ≈100B MD5 hashes/sec, dropping to ≈10K/sec for bcrypt at cost factor 12 — the reason bcrypt dramatically extends the “offline fast” crack time shown above.
Data breaches and why they matter
Billions of real passwords from hacked websites are now searchable by anyone. Attackers check these lists before trying anything else — if your password appears on one, the length and symbols don’t matter. This is also why reusing the same password across sites is dangerous: one breach can unlock all your accounts. The optional breach check here searches those databases without your actual password ever leaving this page.
Have I Been Pwned (HIBP) indexes 13B+ compromised credentials from public breach dumps. This tool uses the k-anonymity range API: SHA-1(password) is computed locally in the browser; only the first 5 hex digits (20 bits) are sent to api.pwnedpasswords.com/range/{prefix}; the returned suffix list is checked client-side. No full hash or plaintext ever leaves the browser. The model was co-designed with Cloudflare and is documented at haveibeenpwned.com.
Passphrases vs. passwords
A passphrase is several random words joined together — like “River-Stone-Eagle-Flame.” The critical word is “random”: words you choose yourself tend to follow patterns (your pet’s name, a favorite place, a movie). Words a generator picks for you don’t. Four randomly chosen words give you trillions of possible combinations, and they’re far easier to remember and type than a string of random characters.
Four words drawn from a 2,048-word list yields log₂(2048⁴) ≈ 44 bits of entropy. An 8-character random password from 95-char printable ASCII yields ≈52 bits — more entropy, but practically unmemorizable without a password manager. The EFF large wordlist gives 12.9 bits/word. This generator uses crypto.getRandomValues() for word selection, guaranteeing uniform distribution with no modulo bias.
Patterns attackers exploit
Predictable patterns are the first thing any cracking tool checks. Keyboard walks like “qwerty” or “asdfgh”, years like “2024” or “1987”, sequences like “abc” or “123”, and common substitutions like “@” for “a” are all on the same attack lists. They don’t hide a weak core — they just make you feel like you’ve done something. This analyzer flags each detected pattern specifically so you understand exactly what’s weak and why.
Detection covers: keyboard walks (all 3+ substrings matched against QWERTY row, column, and diagonal sequences, forward and reverse); sequential alphanumeric runs ≥3 (ascending or descending char codes); repeat analysis (maxRun ≥ 3 or single-char frequency >20%); date patterns (/(?:19|20)\d{2}/, MM/DD, MMDDYYYY); leet normalization (12-substitution map applied before the 300-entry common-password check). Each detected pattern subtracts from both the 0–100 score and the estimated entropy used for crack time calculations.
How generated passwords are secured
Every password generated here is built using your browser’s built-in cryptographic random generator — the same standard used by banking and encryption software. Nothing is sent to a server, nothing is stored, and nothing is logged anywhere. The moment you close or refresh the page, the password is gone unless you’ve already copied it. The only thing that leaves this page is what you deliberately copy and paste.
Generation uses window.crypto.getRandomValues() with rejection sampling to eliminate modulo bias: uint32 values ≥ ⌊2³² / N⌋ × N are discarded and resampled. At least one character from each selected type is guaranteed before filling the remaining length from the full charset. A Fisher-Yates shuffle (also via CSPRNG) provides an unbiased permutation. Math.random() is not used anywhere. The passphrase generator draws from an embedded 800-word list using the same RNG with identical bias elimination.
Common questions
What makes a strong password?
Length is the single most important factor. A 20-character phrase of random words is significantly stronger than an 8-character password with uppercase, numbers, and symbols combined. NIST SP 800-63B explicitly removed mandatory complexity rules and recommends 15 or more characters for anything important.
How long should a password be?
NIST recommends a minimum of 8 characters, with 15 or more strongly preferred. For high-value accounts — email, banking, password manager master password — aim for 20 characters or more. Each additional character multiplies the number of possible combinations rather than just adding to it.
Is my password sent to your servers?
No. The password never leaves your browser. All scoring and analysis runs entirely in JavaScript on your device. The optional breach check sends only a 5-character anonymized code fragment to the HaveIBeenPwned API — not enough to identify or reconstruct your password.
Why doesn’t adding symbols and capitals help much?
Symbols and uppercase letters expand the character set from 26 to about 95 possible characters per position, adding roughly 6–7 bits of entropy — equivalent to about one extra character of length. A longer password with a smaller character set almost always beats a shorter password that ticks every complexity box.
How long would it take to crack my password?
It depends on how the password hash is stored. Against a slow hash like bcrypt, a modern GPU tests roughly 10,000 guesses per second. Against a fast hash like MD5, the same hardware can reach 100 billion per second. The crack-time estimates above the explainer show both scenarios so you can see the real range.
What is a passphrase and is it better than a random password?
A passphrase is 4 or more randomly chosen words joined together — like “River-Stone-Eagle-Flame.” It has slightly less raw entropy than a fully random character password of the same length, but it’s far easier to remember and type. The critical requirement is that the words must be chosen randomly, not picked by you.
Why is reusing passwords dangerous?
When one site is breached, attackers take leaked email and password pairs and automatically test them on hundreds of other services — a technique called credential stuffing. Reusing a password across multiple sites means a single breach can compromise all of those accounts at once.
