Password Entropy Explained: The Science of Password Strength
Password entropy measures the unpredictability of your password in bits. Understanding entropy helps you create passwords that are mathematically proven to resist attacks. Here's the science behind truly secure passwords.
What Is Password Entropy?
Entropy, in information theory, measures randomness or unpredictability. For passwords, entropy quantifies how many guesses an attacker would need to crack your password. Higher entropy means more security.
The Formula
Entropy = log₂(R^L)
Where:
- R = Size of the character pool (possible characters)
- L = Length of the password
- log₂ = Logarithm base 2 (converts to bits)
Simplified: Entropy = L × log₂(R)
Understanding Bits of Entropy
- 1 bit: 2 possibilities (like a coin flip)
- 10 bits: 1,024 possibilities
- 20 bits: ~1 million possibilities
- 40 bits: ~1 trillion possibilities
- 60 bits: ~1 quintillion possibilities
- 80 bits: ~1 septillion possibilities
- 128 bits: ~340 undecillion possibilities
Calculating Real-World Password Entropy
Character Set Sizes
| Character Set | Size (R) | Bits per Character | Example |
|---|---|---|---|
| Numbers only | 10 | 3.32 | 7294501836 |
| Lowercase only | 26 | 4.70 | qwertyzxcv |
| Lower + Upper | 52 | 5.70 | QwErTyZxCv |
| Alphanumeric | 62 | 5.95 | Qw3rTy8xCv |
| All ASCII printable | 95 | 6.57 | Qw3r!y8x@v |
Example Calculations
8-character password, all character types (95 chars)
Entropy = 8 × log₂(95) = 8 × 6.57 = 52.6 bits
Time to crack at 1 billion guesses/sec: ~143 years
16-character password, lowercase only (26 chars)
Entropy = 16 × log₂(26) = 16 × 4.70 = 75.2 bits
Time to crack at 1 billion guesses/sec: ~1.2 billion years
4-word passphrase (7,776 word dictionary)
Entropy = 4 × log₂(7776) = 4 × 12.9 = 51.7 bits
Time to crack at 1 billion guesses/sec: ~71 years
Why Length Beats Complexity
The Mathematics of Length
Adding one character to your password increases entropy more than adding character types:
| Password Type | Example | Entropy | Crack Time* |
|---|---|---|---|
| 8 chars, complex | P@ssw0rd! | 52.6 bits | 143 years |
| 12 chars, simple | correcthorse | 56.4 bits | 2,283 years |
| 16 chars, simple | correcthorsebattery | 75.2 bits | 1.2 billion years |
| 20 chars, simple | correcthorsebatterystaple | 94.0 bits | 627 trillion years |
*At 1 billion guesses per second
The Exponential Effect
Each additional character multiplies the possible combinations by the character set size. This exponential growth quickly outpaces the linear benefit of expanding the character set.
Real vs. Theoretical Entropy
Entropy Killers
Theoretical entropy assumes perfect randomness. Real passwords often have much lower effective entropy due to:
- Dictionary words: "Password1!" has low entropy despite mixed characters
- Common substitutions: "@" for "a", "3" for "e", "0" for "o"
- Keyboard patterns: "qwerty", "123456", "zxcvbn"
- Personal information: Names, dates, addresses
- Predictable patterns: Capital first letter, numbers/symbols at end
Effective Entropy Examples
| Password | Theoretical Entropy | Effective Entropy | Why Lower? |
|---|---|---|---|
| P@ssw0rd! | 59 bits | ~20 bits | Common word with substitutions |
| John1985! | 59 bits | ~15 bits | Name + birth year pattern |
| qwerty123 | 53 bits | ~10 bits | Keyboard pattern |
| Tr0ub4dor&3 | 72 bits | ~28 bits | Common substitution pattern |
Entropy Requirements by Use Case
Minimum Entropy Recommendations
| Use Case | Minimum Bits | Example Password | Rationale |
|---|---|---|---|
| Low-value accounts | 40-50 | 8-10 random chars | Deters casual attacks |
| Email/Social Media | 60-70 | 12-14 random chars | Protects personal data |
| Financial accounts | 70-80 | 14-16 random chars | High-value target |
| Cryptocurrency | 80-100 | 16-20 random chars | Irreversible transactions |
| Encryption keys | 128+ | 24+ random chars | Long-term security |
Future-Proofing Your Passwords
Computing power doubles approximately every two years (Moore's Law). A password that takes 100 years to crack today might take only 50 years in two years, 25 years in four years, and so on.
Recommended minimums for 20-year security:
- Add 10 bits to current requirements
- Use at least 80 bits for important accounts
- Consider 100+ bits for critical data
- Implement 2FA regardless of password strength
Passphrases: A Different Approach
Diceware Method
Diceware uses a list of 7,776 words (6^5), each word adding 12.9 bits of entropy:
| Words | Entropy | Example | Crack Time* |
|---|---|---|---|
| 3 | 38.8 bits | correct horse battery | 8.7 years |
| 4 | 51.7 bits | correct horse battery staple | 71 years |
| 5 | 64.6 bits | correct horse battery staple cloud | 584,542 years |
| 6 | 77.5 bits | correct horse battery staple cloud mountain | 4.8 billion years |
*At 1 billion guesses per second
Passphrase Advantages
- Memorable: Stories and sentences stick in memory
- High entropy: Long length compensates for predictability
- Easy to type: No special characters or shift keys
- Language-independent: Works with any language's word list
Attack Speed Considerations
Realistic Attack Speeds
| Attack Type | Speed (guesses/sec) | Scenario |
|---|---|---|
| Online attack | 10-1,000 | Website login with rate limiting |
| Offline (slow hash) | 10,000-100,000 | bcrypt, scrypt, Argon2 |
| Offline (fast hash) | 1-100 billion | MD5, SHA-1 (insecure) |
| GPU cluster | 100 billion - 1 trillion | Professional crackers |
| Nation-state | Trillions+ | Classified capabilities |
Time to Crack by Entropy
At 100 billion guesses per second (high-end GPU cluster):
- 40 bits: 11 seconds
- 50 bits: 3 hours
- 60 bits: 133 days
- 70 bits: 374 years
- 80 bits: 383,000 years
- 90 bits: 392 million years
- 100 bits: 401 billion years
Improving Your Password Entropy
Quick Wins
- Add length: Each character exponentially increases possibilities
- True randomness: Use a password generator, not patterns
- Unique passwords: Never reuse, even with variations
- Avoid predictability: No personal info or common substitutions
- Consider passphrases: Long and memorable beats short and complex (learn more in our guide on why passphrases beat traditional passwords)
Entropy Checklist
Does your password have:
- ☐ At least 60 bits of entropy for important accounts?
- ☐ True randomness (not keyboard patterns)?
- ☐ No dictionary words or names?
- ☐ No predictable substitutions (@ for a)?
- ☐ Sufficient length (12+ characters)?
- ☐ No connection to personal information?
- ☐ Uniqueness (never used elsewhere)?
Entropy in Practice
Creating High-Entropy Passwords
- Random password generators: Ensure cryptographic randomness
- Diceware passphrases: Roll physical dice for true randomness
- Password managers: Generate and store high-entropy passwords
- Hardware RNG: Some devices use atmospheric noise or radioactive decay
Testing Password Entropy
Be cautious about online password strength checkers. Never enter your actual password. Instead:
- Use similar patterns with different characters
- Calculate entropy manually using the formula
- Use offline tools that don't transmit data
- Focus on method rather than specific passwords
Key Takeaways
- Entropy measures password unpredictability in bits
- Length contributes more to entropy than complexity
- Aim for 60+ bits for important accounts, 80+ for critical
- Real entropy is often lower than theoretical due to patterns
- Passphrases can achieve high entropy while remaining memorable
- Computing advances require planning for future attack speeds
- True randomness is essential—avoid patterns and personal info
- Combine high entropy with 2FA for maximum security (see our complete guide to two-factor authentication)