Pinterest Stumbleupon Whatsapp
Ads by Google

password strength toolAll of us have read a fair share of ‘how do I crack a password’ questions. It’s safe to say that most of them are for nefarious purposes rather than an inquisitive one. Well, they are the script kiddies, so it makes me real scared of the tribe that goes by the collective names of – hackers, crackers, or black hats.

Breaching passwords is as common a sport as wild hunting used to be once. So, do you stay on the secure side and put careful thought into your passwords? CXO has an interesting infographic on password strengths.

Today, every well designed website and web app has a password strength indicator. These are basically scripts and plugins that follow basic rules of strong passwords. Then again, if you really like to pit your passwords against the black hats, try out these five password strength tools that tell you if your password is strong enough.

How Secure Is My Password

password strength tool

There are very few really engaging password strength testing tools, and this is one of them. It does tell you the strength but also something beyond that. For instance, a regular word like “enter” is among the 500 most common passwords used. My own email password (I ain’t telling what it is) would take a desktop PC 2 billion years to crack. Though this feedback may not always correct, you are welcome to take a shot. (See Directory mention)

[NO LONGER WORKS] The Password Meter

password strength tester

Ads by Google

This password strength tester is one of the more popular tools out there. It gives you a detailed breakdown of your password and puts a password through their customized measuring scale. Each element of your password string gets a point and they are totaled up to assess the strength of the password. You can use the scoring system to construct very strong, nearly unbreakable passwords. (See Directory mention)

Test Your Password

password strength tester

This is a dual purpose tool – it helps you to generate random passwords when you give it the parameters; and then you can test the password for its strength. You can put in additional characters of your choice. Use it to quickly see why eight character passwords are always advised over lesser numbered ones.

Strength Test

password strength tester

This password web tool considers the probability of letters landing close to each other when rating passwords strong or weak. Ideally, passwords should be random. The meter shows this by using a term called ‘entropy’, an estimate based on letter pair combinations in the English language.

Microsoft Safety And Security Center

password strength tool

Microsoft has its own little password checking tool tucked away on their site. More than the tool, the sub-site is an important resource for learning all about the rules of security. The password strength tool is pretty much similar to the others in its colored rating.

These web apps and testing tools show that it takes just a few seconds to test your password strength and ensure security for a lifetime. Carefully thinking of a good password takes slightly more time. You can put more thought into it with the help of these two posts –

How To Create A Good Password That You Will Not Forget How To Create A Good Password That You Will Not Forget How To Create A Good Password That You Will Not Forget Read More
How To Create Strong Passwords That You Can Remember Easily How To Create Strong Passwords That You Can Remember Easily How To Create Strong Passwords That You Can Remember Easily Read More

Do you put the right characters into your passwords? Review your passwords and let us know if you go to great lengths with them.

Image Credit: Shutterstock

  1. Ronny
    January 26, 2016 at 11:11 pm

    Well the password is like the bumper of a car, you must have a good, nice and strong one to protect, but it can be broken with or without force, the best practice of password is to change them early as you can, I change mine every 30 days in all my accounts, passwords can be weak or strong but after all are the keys of the kingdom.

    For system, network and sec admins use if compatible certificate authentication, password managers, and good practice by default.

    • Saikat Basu
      January 27, 2016 at 12:16 pm

      That's a good analogy Ronny. There are two school of thought regarding frequent change of passwords. For example, A Microsoft study a couple of years ago found that mandatory password changes cost billions in lost productivity—for very little security payoff.

      Of course, there are exceptions depending on your account type and the scenario under which you might change your passwords.

    • Franz
      March 25, 2016 at 5:51 am

      I disagree. I think that if password requirements are well chosen, there is no need for routine password changes.

      What I see in actual practice (such as in my own company, a very large enterprise) is that when users are required to change passwords routinely, the password rules must be commensurately weakened. It is too difficult for users to remember passwords otherwise. And with passwords changing frequently, users are much more likely to write them down, reuse the same passwords (even between work/personal use), and otherwise reduce security.

      So by forcing password changes, what you actually do is frustrate users, waste time, and reduce security by loosening password rules and making users write them down and reuse them. It does not make sense at all.

  2. BillR
    October 16, 2015 at 1:09 am

    The two best password strength tools I've seen lately are Telepathwords from Microsoft (a joint research project with CMU) and zxcvbn on GITHUB (but there are several implementations). Both are less than perfect but between the two you might have a chance. The original author of the latter has a nice blog post that compares zxcvbn to several other password strength tools.

  3. George Cooke
    June 19, 2015 at 10:04 am

    Steve Gibson of SecurityNow has a good password strength checked, tells you times of various attacks: https://www.grc.com/haystack.htm

  4. Jill Harrison
    June 2, 2011 at 12:01 pm

    http://howsecureismypassword.net/ works even if you are offline. USE COMMON SENSE and don't test your real password anyway.

  5. Saikat Basu
    April 15, 2011 at 12:20 pm

    Thanks a lot guys for your comments.

  6. Onearmbandit
    April 10, 2011 at 11:25 pm

    Passwords...the trouble with security? Should we be paraniod?

    No matter how strong your password, you'll have a weak one out there somewhere?

    And if you are sure you do not then ask yourself:
    How many sites do I login to that may contain valuable personal data?
    How many sites do I keep upto date with my super strong password?
    How many sites is the username actually set with my email address?

    Now ask yourself:
    How these cedentials are stored and who has access to the backend of a given site?

    But lets put this into some perspective:
    How many of us will call a company and give our credit card details over an unsecured phone line, trusting a complete stranger because they work there?

    For e-commerce sites, personally I would like to see more using out-of-band authentication using a telco channel. So many of carry a mobile phone everywhere we go!

  7. Ross Dempsey
    April 9, 2011 at 8:24 pm

    713 years? Check out my facebook password: http://bit.ly/eAVK3n

  8. Autofire
    April 9, 2011 at 6:27 pm

    336 trillion years for my actual password

  9. Philharmania
    April 9, 2011 at 6:26 pm

    Compared with the complexity of the password, it's always the awareness of security that matters much more, for example, don't put your password under the online strength test.

  10. RichieB07
    April 9, 2011 at 6:22 pm

    Mine was 713 years on the first test. Not too bad at all! Thanks for these!

  11. Brian Morin
    April 8, 2011 at 8:22 pm

    I feel that the emphasis should be looking into the truth about the "Security Scam" that we've gotten ourselves into. We used to have one key to enter our house, now we need so many, or it seems, that we just can manage them for ourselves. It is a losing of our own identity. Someone or something else owns our - PASSWORDS - Can you believe it... I can't. - bri <3

    • Aibek
      April 19, 2011 at 1:12 pm

      nice avatar :)

Leave a Reply

Your email address will not be published. Required fields are marked *