Password strength tester

Type a password to see an estimate of its strength and crack time. It's checked locally — never sent anywhere.

How to use the password strength tester

Type a password (or one of similar style) into the box.
Read the strength rating and estimated crack time.
Lengthen it or use a passphrase if it's weak.

How this estimate works

Strength is estimated from length and the character variety used, expressed as bits of entropy, with an offline crack-time estimate at ~10 billion guesses/second. It runs entirely in your browser — nothing is transmitted — but the safest habit is to test a password of similar style rather than one you actively use. Need a stronger one? Generate a random password or a passphrase.

Code & API examples

Use this from the command line or your code.

Python (zxcvbn)

# pip install zxcvbn
from zxcvbn import zxcvbn
print(zxcvbn('correct horse battery staple')['guesses'])

See all endpoints at /api/tools/.

Frequently asked questions

The check runs entirely in your browser and nothing is transmitted. Still, the safest habit is to test a password of similar style rather than one you actively use.

16 characters or more for a random password, or 5–6 random words for a passphrase. Length matters more than swapping letters for symbols.

Related tools

Strong password generator Passphrase generator (diceware) Hash generator (SHA-256 & more)

Want to hide your IP for real?

vpn.golf is a no-logs WireGuard VPN. Pick a hole, take the shot.

Step up to the tee — free

Password strength tester

How to use the password strength tester

How this estimate works

Code & API examples

Frequently asked questions

Is it safe to type my real password here?

What's a good password length?