Password Entropy Explained: What Makes a Password Strong
When a website tells you your password is "weak" or "strong," it is measuring entropy β the mathematical randomness of your password. Understanding entropy helps you create passwords that are genuinely secure rather than just hard to type.
What Is Entropy?
Entropy, measured in bits, quantifies how unpredictable a password is. Each bit of entropy doubles the number of possible passwords an attacker must try. The formula is:
Entropy = logβ(C^L)
Where:
- C = size of the character set
- L = length of the password
Alternatively: Entropy = L Γ logβ(C)
Entropy by Character Set
| Character Set | Pool Size (C) | Bits per Character |
|---|---|---|
| Digits only (0-9) | 10 | 3.32 |
| Lowercase letters (a-z) | 26 | 4.70 |
| Lowercase + digits | 36 | 5.17 |
| Mixed case (a-z, A-Z) | 52 | 5.70 |
| Mixed case + digits | 62 | 5.95 |
| All printable ASCII | 95 | 6.57 |
Example calculations:
password(8 lowercase): 8 Γ 4.70 = 37.6 bits β crackable in secondsP@ssw0rd(8 mixed): 8 Γ 6.57 = 52.6 bits β crackable in hourscorrect-horse-battery-staple(28 lowercase + symbols): far higher effective entropy due to length
Length vs. Complexity
Here's the counterintuitive truth: length contributes more to entropy than complexity.
| Password | Length | Entropy | Time to Crack (1B guesses/sec) |
|---|---|---|---|
Xy7! | 4 | 26.3 bits | < 1 second |
Xy7!Qp2$ | 8 | 52.6 bits | 142 years |
mysimplepassword | 16 | 75.2 bits | 1.2 billion years |
correct horse battery | 22 | 103 bits | Heat death of universe |
A 16-character lowercase password is stronger than an 8-character password with every character type. This is why modern security guidance (NIST SP 800-63B) recommends long passphrases over short complex passwords.
The Problem with "Complexity Rules"
Traditional password policies (must include uppercase, lowercase, number, symbol) are counterproductive:
- Predictable patterns: Users capitalize the first letter, add
1!at the end βPassword1! - Reduced memorability: Complex passwords get written on sticky notes
- False security: An 8-character "complex" password has less entropy than a 16-character simple one
Modern guidance from NIST:
- Minimum 8 characters, recommended 15+
- No composition rules (uppercase, symbols, etc.)
- Check against breached password databases
- Allow all printable characters including spaces
- No forced periodic rotation
Passphrase Strategy
Passphrases use random words instead of random characters:
method: pick 4-6 random words from a dictionary
example: "timber quantum spoon velocity"
entropy: 4 words Γ ~12.9 bits/word (from 7,776-word list) β 51.7 bits
better: 6 words β 77.5 bits
The Diceware method uses a list of 7,776 words (6^5, matching five dice rolls). Each word adds 12.9 bits of entropy.
Advantages:
- Memorable (you can visualize the words)
- Long (naturally 20-35 characters)
- High entropy with enough words
- Easy to type
Generate secure random passwords and passphrases with our Password Generator.
Real Attack Speeds
Entropy only matters relative to attack speed:
| Attack Type | Speed | 40-bit Password | 60-bit Password | 80-bit Password |
|---|---|---|---|---|
| Online (rate-limited) | 1,000/sec | 12.7 days | 36,559 years | 38M years |
| Offline (CPU) | 1B/sec | 1.1 seconds | 36.5 years | 38,334 years |
| Offline (GPU cluster) | 1T/sec | < 1 second | 13 days | 38 years |
| Nation-state | 1P/sec | < 1 second | < 1 second | 14 days |
For online accounts with rate limiting and lockout, 40+ bits is adequate. For offline attacks (stolen password hashes), 80+ bits is the minimum. This is why password hashing algorithms like Argon2 and bcrypt exist β they make each guess expensive.
Password Manager Math
A password manager changes the equation entirely:
- One strong master password: 80+ bits entropy (6+ word passphrase)
- Every other password: Generated randomly, 128+ bits, unique per site
- No reuse: A breach at one site doesn't affect others
The math favoring password managers is overwhelming. A single reused password, no matter how strong, is weaker than unique weak passwords per site, because one breach compromises all accounts.
Measuring Your Password
When evaluating password strength, consider:
- Is it in a breach database? β Even "strong" passwords are weak if they've been leaked (check haveibeenpwned.com)
- Is it random? β Human-chosen passwords have far less entropy than random ones
- How is it stored? β bcrypt with cost factor 12 adds ~22 bits of effective entropy vs. plain MD5
For more on secure password generation, see our comprehensive password generation guide.
FAQ
How many bits of entropy do I need?
For online accounts with rate limiting: 40-50 bits minimum. For passwords protecting encrypted data (disk encryption, password manager master password): 80+ bits. For cryptographic keys: 128+ bits. The right answer depends on what you are protecting and who might attack it.
Does adding a symbol to my password make it significantly stronger?
Adding one symbol increases the character pool from 62 to 95, adding about 0.6 bits per character. For an 8-character password, that is roughly 5 extra bits β equivalent to adding one more lowercase character. Length is almost always a better investment than adding character types.
Related Resources
- Password Generator β Generate cryptographically secure passwords
- Generate Strong Passwords β Comprehensive password security guide
- Hash Algorithms Compared β How passwords are stored securely