What Is Password Entropy? A Plain English Explanation
Entropy is one of those words that sounds technical but describes a simple idea: how hard would it be to guess this password? Here is what entropy actually measures, how to read the numbers and why the single biggest thing you can do for password security is add more characters.
Entropy in one sentence
Password entropy is a measure of how unpredictable a password is, expressed in bits. The higher the number, the more guesses an attacker would need to crack it, and the longer it would take. That is all it means. The word "entropy" comes from information theory — the same field that gave us data compression — and measures the amount of uncertainty in a system.
How entropy is calculated
The formula is: entropy = length × log₂(character set size).
The character set size is the number of possible characters at each position in the password. If your password uses only lowercase letters, that is 26 options per character. Add uppercase and it becomes 52. Add numbers and it is 62. Add the common symbols on a standard keyboard and it reaches 94.
The log₂ part converts that pool size into bits. A pool of 94 characters gives you log₂(94) ≈ 6.55 bits per character. So a 16-character password using the full character set has approximately 16 × 6.55 = 105 bits of entropy.
What does 105 bits mean in practice? It means there are 2¹⁰⁵ possible combinations — a number with 31 digits. Even if an attacker could test a trillion combinations per second, it would take longer than the age of the universe to exhaust all possibilities.
What the numbers mean in practice
| Entropy range | Rating | What it means |
|---|---|---|
| Under 28 bits | Weak | Crackable instantly by a modern computer |
| 28–35 bits | Weak | Crackable in minutes to hours |
| 36–59 bits | Fair | Reasonable for low-value accounts; crackable with effort |
| 60–127 bits | Strong | Computationally expensive to crack; adequate for most uses |
| 128 bits or more | Very strong | Essentially uncrackable with foreseeable technology |
Why length beats complexity
This is the most important practical lesson from entropy maths. Each character you add to a password multiplies the number of possible combinations by the character set size. Each character type you add increases the character set size — but only by a fixed amount.
Concrete example: a 12-character password using only lowercase letters has 12 × 4.7 = 56 bits of entropy. Add uppercase, numbers and symbols, giving you a 94-character pool, and you get 12 × 6.55 = 79 bits. An improvement, but not dramatic. Now extend the lowercase-only password to 20 characters: 20 × 4.7 = 94 bits — already stronger than the complex 12-character version, and easier to type.
Length wins because it scales linearly with entropy. Complexity has diminishing returns once you cover the main character types.
This is why NIST's updated guidelines focus on minimum length rather than complexity rules. Forcing users to add a symbol or number feels like adding security, but adding even two or three more characters to the length achieves more.
The problem with entropy estimates
Entropy calculations assume the password is truly random — that every character is independently chosen from the full pool with equal probability. Human-chosen passwords almost never meet this standard. When people pick a password, they favour certain letters, avoid unusual symbols, start with capitals and end with numbers. These patterns drastically reduce the effective entropy even if the raw calculation suggests strength.
A password like London2024! scores well on a naive entropy check — it is 10 characters, has uppercase, lowercase, numbers and a symbol. Its actual entropy is close to zero because it follows an obvious pattern that attackers test in their first few seconds of a dictionary attack.
This is why the most reliable way to achieve the entropy a password generator promises is to let it generate the password for you, using a cryptographically secure source of randomness rather than your own choices.
Entropy vs cracking time
Cracking speeds vary enormously depending on whether the attacker has your raw password hash or is attacking a live login system. A live system with rate limiting might only allow a few guesses per second. An offline attack against a stolen password database can run at billions of guesses per second on a modern GPU.
For passwords stored in well-designed systems using strong hashing algorithms (bcrypt, Argon2), even relatively low entropy passwords are protected. For passwords stored carelessly (plain text, MD5), high entropy is the only real defence. Because you cannot know how a service stores your password, the prudent choice is to treat every password as if it will be attacked offline.
See your password's entropy score instantly
Paste any password into the strength checker and get an entropy rating, a strength label and a plain-English explanation of what it means — all in your browser with nothing sent to a server.
Open Password Strength CheckerThis article is for general informational purposes. Entropy estimates assume true randomness. Human-chosen passwords typically have lower effective entropy than calculated values suggest.