Password Strength Analyzer & Checker

開発者安全

入力

自動処理

出力

クライアント側

財産	価値
長さ	<span id="ioValLength">—</span>
エントロピ	<span id="ioValEntropy">—</span>
Character Pool Size	<span id="ioValPoolSize">—</span>
Character Sets Used	<span id="ioValCharSets">—</span>
Crack Time (Online, 100/s)	<span id="ioValCrackOnline">—</span>
Crack Time (Slow Hash, 10k/s)	<span id="ioValCrackSlowHash">—</span>
Crack Time (Fast Hash, 10B/s)	<span id="ioValCrackFastHash">—</span>

広告・取り除く？

ガイド

Password Strength Analyzer & Checker

Analyze any password in real time to see its strength score, entropy, estimated crack times, and potential vulnerabilities. The analyzer detects common patterns, keyboard walks, dictionary words, and l33t speak substitutions — all without your password ever leaving your browser.

使い方

Type or paste a password into the input field. The analyzer evaluates it in real time, showing a visual strength meter, detailed analysis, pattern warnings, and suggestions for improvement. Use the show/hide toggle to view the password as you type.

特徴

Visual Strength Meter – Four-level color-coded bar: Weak (red), Fair (orange), Strong (yellow), Very Strong (green)
Entropy Calculation – Precise entropy in bits based on character pool size and password length
Crack Time Estimates – How long to crack at three speeds: online attack (100/s), slow hash like bcrypt (10k/s), and fast hash with GPU farm (10B/s)
Pattern Detection – Warns about common passwords, keyboard walks (qwerty), sequential characters, repeated characters, date patterns, and dictionary words
L33t Speak Detection – Recognizes common substitutions like @ for a, 3 for e, 0 for o
改善の提案 – Contextual tips based on detected weaknesses
100% クライアントサイド – Your password never leaves your browser — guaranteed

広告・取り除く？

 よくある質問

What is password entropy and why does it matter?

Password entropy measures the randomness of a password in bits. It is calculated as log2(pool_size ^ length), where pool_size is the number of possible characters. Higher entropy means more possible combinations an attacker must try. A password with 40 bits of entropy has about 1 trillion combinations, while 80 bits has over a sextillion — making brute force impractical.
Why are common passwords like P@ssw0rd still weak despite having mixed characters?

Attackers maintain lists of the most commonly used passwords and their l33t speak variations. P@ssw0rd appears in virtually every password dictionary, so it would be cracked in seconds regardless of its character diversity. Pattern-based attacks check known substitutions (@ for a, 0 for o, 3 for e) before brute force.
How long should a password be to be considered secure?

For passwords protected by modern slow hashing algorithms like bcrypt, 12-16 characters with mixed character types provides strong protection. For systems using fast hashes like MD5 or SHA-1, longer passwords (16-20+) are needed. Passphrases of 4-5 random words (20-30 characters) offer both security and memorability.
What is a keyboard walk and why is it a security risk?

A keyboard walk is a password created by pressing adjacent keys in sequence, like qwerty, asdfgh, or zxcvbn. These patterns feel random to users but are well-known to attackers. Password cracking tools include keyboard walk dictionaries that test these patterns early in an attack, making them far weaker than their length suggests.