Password Entropy: How to Calculate the True Strength of a Secret
In cybersecurity, we are constantly told to use "strong passwords." But how do we measure that strength scientifically? The answer lies in information theory, using a mathematical concept known as password entropy.
Entropy measures the uncertainty or unpredictability of a secret, represented in bits. The higher the bit entropy, the harder it is for a hacker to crack via brute force.
The Entropy Formula
Where L is length, and R is the size of the character pool.
Comparing an 8-character complex password (e.g. P@s1$w0!, approx. 52 bits) to a 4-word passphrase (e.g. house tree green chair, approx. 52 bits), the passphrase is much easier to remember and type, yet mathematically just as secure.
The Takeaway
Length scales entropy much faster than character pool size. Don't compromise on length. Use our Password Generator to get high-entropy secrets instantly.