passphrase.guru

Password entropy explained

Entropy is the honest way to measure how strong a secret is. This page explains what it means, how it is calculated, how it maps to crack time, and how many bits you actually need.

What entropy actually measures

Entropy, in bits, is the base-2 logarithm of the number of equally likely possibilities a secret was chosen from. One bit means two possibilities; ten bits means 1,024; every extra bit doubles the count. Crucially, entropy describes the process that created the secret, not the characters themselves: a secret only has high entropy if it was genuinely chosen uniformly at random from a large space, and the same string can have very different entropy depending on how it was produced.

How entropy is calculated

For a randomly generated secret the formula is simple: entropy in bits = length × log2(number of options per position), because each independent, uniform choice from N options contributes log2(N) bits. A password of length L from an alphabet of N characters has L × log2(N) bits; ten characters from the 94 printable ASCII characters other than space give 10 × log2(94) ≈ 65.5 bits. A passphrase of W random words from a list of P words has W × log2(P) bits; six words from a 7,776-word list (the size of a diceware list, 6^5, one word per five dice rolls) give 6 × log2(7776) ≈ 77.5 bits.

Why human-made secrets have less entropy than they look

The formula only holds when each choice is independent and uniformly random. A password you invent yourself is not — it follows language patterns, keyboard shapes and common substitutions that attackers model. That is why a self-chosen “complex” password can be far weaker than its length suggests, while a computer-generated one of the same length is exactly as strong as the math says.

From entropy to crack time

Each bit doubles the number of guesses needed in the worst case, and on average an attacker finds the secret after trying about half the space, so a secret with b bits costs about 2^(b-1) guesses. Turning that into time requires assuming a guess rate, which varies enormously: an online login throttled to a few attempts per second; an offline attack on leaked hashes stored with a deliberately slow function such as bcrypt or Argon2, at perhaps tens of thousands per second; or an offline attack on unsalted fast hashes such as MD5 or SHA-1, running billions per second on GPUs. Because the rate is an assumption, treat crack-time figures as illustrative comparisons, not precise predictions.

How many bits do you need?

As a practical guide: around 50 bits is fine for low-value, rate-limited logins, but only because the throttling is what protects it; offline, at ten billion guesses per second, a 50-bit secret falls in under a day on average. 70–80 bits is strong for important accounts and resists offline cracking; 100+ bits suits master passwords and long-lived secrets such as disk-encryption passphrases. The generator on this site shows the exact entropy as you adjust settings, so you can choose a target deliberately rather than hoping a secret “looks strong enough”.
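The formulas from the calculation section, the crack-time reasoning, and the sizing question above, carried through in Python as an added example (this is not the site's generator or its code). It computes entropy from length and alphabet size, the expected guesses and time at an assumed rate, the number of words or characters needed to reach a target, and generates a passphrase with the secrets module so the stated entropy actually holds. The word list and the guess rates are constructed placeholders for illustration, not the site's list or measured rates.

```python
import math
import secrets
import string

# Constructed stand-in for a real word list (a diceware list has 7,776 words).
# Entropy is computed from len(WORDS), so with this tiny list it is low on purpose.
WORDS = ["anvil", "basil", "cobra", "delta", "ember", "fjord", "gable", "hinge"]

# The 94 printable ASCII characters other than space.
PRINTABLE = string.ascii_letters + string.digits + string.punctuation

# Assumed guess rates per second, for comparison only; real rates depend on the
# service's throttling or on the attacker's hardware and the hash function used.
GUESS_RATES = {
    "online, throttled login": 10.0,
    "offline, slow hash (bcrypt/Argon2)": 1e5,
    "offline, fast hash (MD5/SHA-1 on GPUs)": 1e10,
}


def entropy_bits(length: int, options_per_position: int) -> float:
    """Bits of entropy for `length` independent, uniformly random picks
    from `options_per_position` equally likely options: L * log2(N)."""
    if length < 1 or options_per_position < 2:
        raise ValueError("need at least one position and two options")
    return length * math.log2(options_per_position)


def expected_guesses(bits: float) -> float:
    """On average the secret is found after half the space: 2**bits / 2."""
    return 2.0 ** (bits - 1)


def crack_time_seconds(bits: float, guesses_per_second: float) -> float:
    """Average time to find the secret at an assumed guess rate."""
    return expected_guesses(bits) / guesses_per_second


def human_time(seconds: float) -> str:
    """Rounded description of a duration, good enough for comparisons."""
    units = [("years", 365.25 * 86400), ("days", 86400.0), ("hours", 3600.0),
             ("minutes", 60.0), ("seconds", 1.0)]
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {name}"
    return f"{seconds:.3g} seconds"


def length_for_target(target_bits: float, options_per_position: int) -> int:
    """Smallest number of positions whose entropy reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(options_per_position))


def random_passphrase(words, count: int, sep: str = "-") -> str:
    """Pick `count` words uniformly with the OS CSPRNG (secrets), so the
    result really has count * log2(len(words)) bits."""
    return sep.join(secrets.choice(words) for _ in range(count))


def random_password(length: int, alphabet: str = PRINTABLE) -> str:
    """Uniform random characters from `alphabet`: length * log2(len(alphabet)) bits."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


if __name__ == "__main__":
    # Six words from a 7,776-word list, as in the text.
    bits = entropy_bits(6, 7776)
    print(f"6 words from 7,776: {bits:.1f} bits")
    for label, rate in GUESS_RATES.items():
        print(f"  {label:40} {human_time(crack_time_seconds(bits, rate))}")

    # How much is needed for the targets in the text.
    for target in (50, 80, 100):
        print(f"{target} bits needs {length_for_target(target, 7776)} words "
              f"or {length_for_target(target, len(PRINTABLE))} printable ASCII characters")

    phrase = random_passphrase(WORDS, 4)
    print(phrase, f"({entropy_bits(4, len(WORDS)):.0f} bits from this tiny list)")
    print(random_password(13), f"({entropy_bits(13, len(PRINTABLE)):.1f} bits)")
```

Note that the generator uses secrets.choice rather than random.choice: the entropy figure only holds if the picks are uniform and unpredictable, which Python's default random module (a Mersenne Twister seeded from system state) does not guarantee against an attacker who can observe outputs.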

Frequently asked questions

What is a good entropy for a password?

Around 70–80 bits is strong for important accounts and resists offline cracking. Use 100+ bits for master passwords and long-lived secrets, and 50 bits is acceptable for low-value, rate-limited logins.

How is entropy calculated?

For a random secret it is length × log2(options per position): characters × log2(alphabet size) for a password, or words × log2(list size) for a passphrase.

Why do strength meters disagree with entropy?

Strength meters only see the final string and estimate from it, by counting character classes or matching known patterns, so they can be wrong in both directions: a class-counting meter rates “P@ssw0rd1!” highly although it is a well-known pattern, and no meter can tell a random string from a memorised one of the same shape. When a secret is generated at random, the exact entropy follows from how it was generated and is more trustworthy than any meter.

Does a longer secret always have more entropy?

Only if the added length is random. Appending a predictable word or “1!” adds little real entropy; adding a random word or random characters adds a known amount.

Is crack time an exact number?

No. It depends on an assumed guess rate that ranges from a few per second online to billions per second offline. Use crack-time figures as comparisons, not precise predictions.