Password strength estimator
Estimates how long a password would take to crack under a fast offline attack. This runs entirely in your browser using JavaScript — what you type is never sent anywhere, logged, or stored. Not by us, not by anyone.
How this works
This estimates entropy from character variety and length, then divides the resulting keyspace by an assumed fast offline attack rate (10 billion guesses per second) — a deliberately pessimistic assumption, since actual crack speed depends heavily on how a site stores your password. Real-world results vary. This is a rough guide, not a guarantee.
What actually helps
Length matters more than complexity — a long passphrase of unrelated words usually beats a short, symbol-heavy password. Use a unique password for every site, and use a password manager so "unique" doesn't mean "unmemorable." And enable MFA wherever it's offered — it protects you even when a password doesn't.