Entropy measures how unpredictable a password is, in bits. It is not a measure of how complicated a password looks to a human — it is a measure of how many attempts a brute-force attacker would need on average to guess it, assuming every character was chosen uniformly at random from a known set of possibilities.

The formula is simple: entropy = length × log₂(charset size). Each bit of entropy doubles the number of possible passwords, so entropy grows linearly with length but only logarithmically with how many different characters are allowed — length matters more than character variety.

Charset size drives less than you'd think

Character setSizeBits per character
Lowercase only (a–z)264.7
Lower + uppercase (a–z, A–Z)525.7
Lower + upper + digits625.95
Full printable ASCII (+ symbols)~946.55

Going from lowercase-only to the full printable set roughly adds one more bit per character — going from 8 characters to 16 characters adds 8 more characters' worth of bits entirely. Length wins.

What entropy looks like in practice

PasswordEntropyTime to crack at 1 billion guesses/sec*
8 chars, lowercase only37.6 bits~1.7 minutes
8 chars, mixed case + digits47.6 bits~1.3 days
12 chars, mixed case + digits71.5 bits~51,000 years
16 chars, full printable set104.9 bits~5.9 × 10¹⁴ years

* Illustrative only. "Guesses per second" varies by orders of magnitude depending on how the password is stored: a modern GPU can try billions of guesses per second against an unsalted, fast hash like raw MD5 or SHA-256, but only a few hundred per second against a properly configured bcrypt or Argon2 hash. Entropy tells you the size of the search space — it says nothing about how fast an attacker can search it.

Where the math breaks down: humans aren't random

The entropy formula assumes every character is chosen independently and uniformly at random. A password a person invents rarely is. P@ssw0rd123! is 12 characters across the full character set and scores well on paper, but it follows an extremely common substitution pattern (@ for a, 0 for o) that password-cracking dictionaries specifically test for. Its real-world resistance is far below its theoretical entropy.

This is why modern guidance (including NIST SP 800-63B) has shifted away from mandating character-class complexity rules and toward encouraging length — random passphrases or, better, passwords generated by a tool that actually samples uniformly at random rather than a human trying to "look random."

What actually protects an account

  • Length over complexity — a longer password with a smaller charset often beats a shorter one with every character class forced in.
  • Uniqueness per site — entropy is irrelevant if the same password is reused and one of the sites using it is breached. Credential-stuffing attacks replay leaked username/password pairs against other sites, not brute-force guessing.
  • A password manager — the practical way to have both a genuinely random password and a different one per site, without memorizing any of them.
  • Two-factor authentication — makes a leaked or guessed password alone insufficient, independent of how strong it was.

A tool like this site's password generator uses the browser's cryptographically secure random number generator to sample uniformly at random from the selected character set, so the entropy math actually applies — unlike a password a person invents under the illusion of randomness.

Frequently asked questions

entropy (in bits) = length × log2(charset size). An 8-character password using only lowercase letters (26 possibilities per character) has about 37.6 bits of entropy; the same 8 characters drawn from the full printable ASCII set (~94 possibilities) has about 52.4 bits.

Each additional bit doubles the number of possible passwords an attacker would need to search through.