What is password entropy?

Entropy is a measure of password unpredictability expressed in bits. It is calculated from the character set and length. The higher the value, the more resistant the password is to brute-force attacks.

Is a high entropy password always secure?

Even with high theoretical entropy, combinations of dictionary words or known leaked passwords may be in attacker lists. Only randomly generated passwords achieve the effective strength that entropy values suggest.

How many bits of entropy does a secure password need?

At least 60 bits is recommended for general online accounts, and 80 bits or more for critical accounts. A random password of 16+ characters with mixed case, digits, and symbols provides roughly 100 bits of entropy.

Password Entropy Explained: Measuring True Strength

About 9 min read

What criteria determine whether a password is "strong" or "weak"? Entropy, a concept from information theory, is widely used as an objective measure of password strength. This article explains the mathematical definition of entropy, how character sets and length affect strength, and how the strength meter on passtsuku.com performs its calculations.

What Is Entropy?

Entropyis a concept proposed by Claude Shannon, the founder of information theory, in his 1948 paper "A Mathematical Theory of Communication." While researching how to efficiently encode information against noise in communication channels, Shannon defined entropy as a measure to quantify the "uncertainty" of information. Inspired by thermodynamic entropy, this concept is linked to the fundamental unit of information, the "bit," and forms the foundation of modern cryptography and security evaluation.

In the context of passwords, entropy can be understood as the logarithm of the number of attempts an attacker needs to guess a password. Higher entropy means the password is harder to guess. The importance of Shannon's information theory lies in its ability to evaluate password strength with a "mathematically provable metric" rather than "intuition." This enables quantitative discussions such as "this password has X bits of entropy, so it would take Y years to crack" instead of "it seems long enough to be safe."

To systematically learn about the concept of entropy, Shannon information theory books (Amazon)can also be helpful.

The Entropy Formula

The entropy H of a randomly generated password is calculated with the following formula.

H = L × log₂(N)

Here, L is the number of characters in the password and N is the number of possible character types. log₂ is the base-2 logarithm, and the result is expressed in bits. For example, 1 bit of entropy means "one out of 2 possibilities," and 2 bits means "one out of 4." This formula holds under the assumption that each character is chosen independently and uniformly at random. Since this assumption breaks down for human-chosen passwords, be aware of the "pitfalls" discussed later.

Entropy Comparison by Character Set

The entropy per character (log₂(N)) and overall password strength vary significantly depending on the character set used. Let's compare them in the table below.

Character Set	N (chars)	Per char (bits)	8 chars (bits)	12 chars (bits)	16 chars (bits)
Digits only (0-9)	10	3.32	26.6	39.9	53.2
Lowercase only (a-z)	26	4.70	37.6	56.4	75.2
Lower + uppercase	52	5.70	45.6	68.4	91.2
Lower + upper + digits	62	5.95	47.6	71.5	95.3
All printable ASCII	95	6.57	52.6	78.8	105.1

The key takeaway from this table is that while increasing the character set raises entropy per character, the increase is logarithmic. Expanding from digits only (3.32 bits) to all ASCII (6.57 bits) only roughly doubles the per-character entropy. In contrast, doubling the password length from 8 to 16 characters exactly doubles the total entropy.

Practical Calculation Examples and Cracking Times

Example 1: 8 lowercase characters

H = 8 × log₂(26) = 8 × 4.70 = approximately 37.6 bits. This corresponds to 2^37.6, or about 209 billion combinations. According to a 2025 study by Hive Systems, offline attacks using an NVIDIA RTX 5090 (targeting bcrypt hashes) show significantly improved performance over the previous RTX 4090, with MD5 hashes allowing hundreds of billions of attempts per second. If stored with a weak hash function like MD5, a 37.6-bit password can be cracked in about 1 second. Even with bcrypt, it would be broken in roughly 13 days. This is insufficient for security.

Example 2: 16 characters with all ASCII

H = 16 × log₂(95) = 16 × 6.57 = approximately 105.1 bits. 2^105.1 is about 4 × 10^31 combinations. Even if an attacker could make 1 trillion (10^12) attempts per second, trying all patterns would take about 1.3 × 10^19 seconds, or roughly 400 billion years. That is about 30 times the age of the universe (approximately 13.8 billion years), making brute-force cracking virtually impossible with current computing technology. This is sufficient strength for financial services and critical accounts.

Example 3: 12 characters with upper + lower + digits

H = 12 × log₂(62) = 12 × 5.95 = approximately 71.5 bits. This is adequate strength for general web services, but somewhat insufficient for financial services. You can improve the strength by adding symbols or increasing the length. See the recommended settings in the article on how to create secure passwords.

Length vs. Character Variety: Which Matters More?

As the formula H = L × log₂(N) shows, entropy increases linearly with the number of characters L, but only logarithmically with the number of character types N. In other words, doubling the length doubles the entropy, but doubling the character set only adds 1 bit.

Because of this property, increasing the length is more effective than increasing the character variety for efficiently strengthening a password. However, increasing the character variety is still meaningful. It improves resistance not only to brute-force attacks but also to dictionary attacks, as it expands the search space for attackers. Ideally, it is recommended to ensure both sufficient length and diverse character types.

To gain a deeper understanding of the mathematical foundations of cryptography, cryptographic mathematics books (Amazon)can be helpful.

Pitfalls of Entropy Calculation

The formula above only holds when the password is generated completely at random. Passwords chosen by humans tend to be biased toward patterns such as dictionary words, birthdays, and keyboard sequences (qwerty, 1234, etc.), causing the effective strength to drop far below the theoretical entropy.

For example, an 8-character lowercase password theoretically has 37.6 bits of entropy, but if a common word like "password" is chosen, it falls within the top few thousand words in a dictionary attack, reducing the effective entropy to about 12 bits. NIST SP 800-63B also recommends checking user-chosen passwords against breached password lists rather than relying on simple entropy calculations. Using a random generation tool like passtsuku.com eliminates this gap between theoretical and effective entropy.

A common misconception is that adding a single symbol significantly increases entropy. This is incorrect. A composition like "Summer2024!" - a known word + year + one symbol - is a typical pattern found in attackers' rule-based dictionaries. In this case, the theoretical entropy is 11 × log₂(95) = about 72 bits, but the effective entropy is calculated as the logarithm of dictionary size (tens of thousands of words) × year patterns (dozens) × symbols (dozens), amounting to only about 25 bits. Combined with a rainbow tableattack, it could be broken even faster. Password strength is determined by the "randomness of the generation process," not the "apparent complexity."

How the passtsuku.com Strength Meter Works

The strength meter built into passtsuku.com evaluates password strength in real time based on the entropy calculations described above. Each time a user changes the character set or length settings, the entropy is recalculated and the meter display updates instantly. Internally, it uses cryptographically secure random numbers, so the generated passwords have theoretical entropy that matches their effective entropy. This is the decisive difference from human-chosen passwords. For more on random number quality, see the article on random number quality in password generation. For guidance on managing your generated passwords, see also password management best practices.

The strength rating criteria are as follows.

Below 40 bits: Weak - insufficient for online services
40-59 bits: Somewhat weak - acceptable for non-critical services
60-79 bits: Moderate - suitable for general web services
80-127 bits: Strong - recommended for financial services and email accounts
128+ bits: Very strong - highest level of security

By enabling all four character types (uppercase, lowercase, digits, and symbols) on passtsuku.com and generating passwords of 16 or more characters, you can achieve approximately 105 bits of entropy. Use the strength meter as a guide to generate passwords with appropriate strength for your needs.

Recommended Entropy by Use Case and Practical Checklist

With an understanding of entropy theory, here is a summary of what settings to use for password generation by use case.

Social media and forums (low risk): 60+ bits - upper + lowercase + digits, 12 characters
Email, cloud storage (medium risk): 80+ bits - all character types, 14 characters
Financial services, cryptocurrency (high risk): 100+ bits - all character types, 16 characters
Password manager master password: 128+ bits - all character types, 20 characters

Use the following checklist to review your current password practices.

Are you creating passwords with a random generation tool like passtsuku.com?
Do your important account passwords have 80+ bits of entropy?
Are you using different passwords for each service?
Are you managing them centrally with a password manager?
Does your master password have 128+ bits of strength?
Are you regularly performing breach checks (Have I Been Pwned, etc.)?

What You Can Do Right Now

Try the same character count and character set settings as your current passwords on passtsuku.com and check the entropy with the strength meter
Identify accounts with entropy below 80 bits and update them to passwords with all character types and 16+ characters using passtsuku.com
Set passwords for financial services and email accounts to 100+ bits (all character types, 16+ characters) as a target
Strengthen your password manager master password to 128+ bits (all character types, 20+ characters)

Frequently Asked Questions

What is password entropy?: Entropy is a measure of password unpredictability expressed in bits. It is calculated from the character set and length. The higher the value, the more resistant the password is to brute-force attacks.
Is a high entropy password always secure?: Even with high theoretical entropy, combinations of dictionary words or known leaked passwords may be in attacker lists. Only randomly generated passwords achieve the effective strength that entropy values suggest.
How many bits of entropy does a secure password need?: At least 60 bits is recommended for general online accounts, and 80 bits or more for critical accounts. A random password of 16+ characters with mixed case, digits, and symbols provides roughly 100 bits of entropy.

Was this article helpful?

Generate passwords →