Password Strength by Length Calculator

Password strength depends primarily on two factors: length and the variety of characters used. This calculator shows the total number of possible password combinations and the entropy in bits for any combination of password length and character set size. A longer password drawn from a larger character pool is exponentially harder to crack — adding just one extra character multiplies the combinations by the entire charset size. Use this tool to understand how much security you actually gain from each additional character, and to compare the real-world impact of switching from lowercase-only to a mixed-case set with digits and symbols. Results include a strength rating from Very Weak to Extremely Strong, based on widely accepted entropy thresholds used by security professionals. Modern brute-force attacks can test billions of combinations per second, making passwords below 60 bits of entropy vulnerable to offline cracking. A 12-character password using a 72-character set sits comfortably in the Strong tier, while a 20-character full-ASCII password approaches a level that is computationally infeasible to crack with any foreseeable technology.

The total number of possible passwords equals charset size raised to the power of the password length (charset^length). Because this number grows astronomically fast — a 20-character password from a 95-character set produces roughly 10^39 combinations — the result is displayed as a power of 10 using the formula length × log₁₀(charset). Entropy in bits is calculated as length × log₂(charset), which is the standard measure used in security research and password policy guidelines. Each additional bit of entropy doubles the number of guesses an attacker must try. A password below 28 bits is trivially crackable; 60+ bits provides solid resistance against modern brute-force attacks; and 128+ bits is considered effectively unbreakable with current computing technology.