Read More | Important Notice |
The method of guessing is assumed to be brute force: that is for a 3-character password composed only of lower-case letters, the hacker would guess (not necessarily in this order):
aaa, aab, aac, ..., aax, aay, aaz, aba, abb, ..., aby, abz, ..., azx, azy, azz, baa, bab, ..., zzx, zzy, zzz
A password such as the 3-letter random password above would have 263 = 17,576 possible values which gives an entropy of log2(17576) = 14.1 bits, which you can see from the calculator below.
This calculator assumes the hash rate, number of allowed characters in the password, and password length that you enter, and that THE PASSWORD WAS RANDOMLY CHOSEN. You can select the hacker's compute power using the selectors for Hashes/Second. At the time of this writing, the largest machines that an adversary would likely have can perform about 60 Billion (60 * 109) hashes per second. This will evolve upward with time. On average, the adversary would have to test 50% of the possible passwords to find a match. You can set the desired Probability of a "hit" using the "Probabability" selector.
Action | Entropy of a Random Password | Average Time to Guess this Password with the Stated Probability | ||||||
---|---|---|---|---|---|---|---|---|
Alphabet Size | PW Length | Entropy (Bits) | Hacker: Hashes/second | Probability | Time | Units | ||
You can reset the calculator to its default values by pressing the "Reset" button. Values will be recalculated automatically whenever you change any of the selectors, or you can force a re-calculation by pressing the "Calculate" button.
I WILL SHORTLY POST A PAGE THAT HELPS YOU TO CHOOSE GOOD, TRULY RANDOM PASSWORDS USING ONLY ITEMS YOU HAVE AROUND THE HOUSE, AND WITHOUT USING SOFTWARE OF ANY KIND (UNLESS YOU COUNT A REFERENCE SHEET AND YOUR BRAIN AS SOFTWARE).
E = Log2(AL) or, equivalently:
E = Log2(A) * L
My only reward for writing this is the 15 milliseconds of fame I receive from having my name here. Don't deprive me of that.
You can copy this page by simply doing a "Save As" in your browser and putting it somewhere on your hard drive (or your web site). If you stop there the background will be gone. To preserve the background, copy the following file into this same folder, without changing its name, by again using your browser's "Save As". The next time you refresh the page, the background should be restored: