ReadyCalculator
MathPhysicsFinanceConstructionBiologyChemistryConversionEcologyEveryday LifeFoodHealthSportsStatisticsOther

Password Combination Calculator

Choose character sets and length to see how many unique passwords exist, how much entropy they provide, and how long brute-force attacks might take.

Count of additional unique characters beyond the standard sets.

Character Set Size

62

Unique characters available per position

Total Combinations

3226266762397899821056

Number of distinct passwords

Entropy

71.45 bits

Information content

Strength

Strong

Based on entropy thresholds

Time to Crack (1B guesses/s)

5.11e+4 years

Assuming brute-force attack

How to Use This Calculator

  1. Select the character sets included in your password policy.
  2. Enter the password length and any custom characters available.
  3. Review the total number of combinations and entropy. Aim for at least 64 bits of entropy for strong passwords.
  4. Use the brute-force estimate to gauge how long attackers might take with high-end hardware.

Formula

Combinations = charsetlength

Entropy = log2(Combinations) = length × log2(charset)

Time to crack ≈ Combinations / (2 × attempts per second)

Entropy measures the unpredictability of passwords. Each additional bit doubles the search space, making brute-force attacks exponentially harder.

Full Description

Password strength depends on both length and variety of characters. Short passwords with small character sets are easy to guess, while long, diverse passwords resist brute-force attacks. This calculator helps security teams define policies and educates users about the benefits of strong passphrases.

Keep in mind that password managers can generate high-entropy passwords automatically. For memorized passwords, consider using passphrases with four or more random words to balance usability and security.

Frequently Asked Questions

Does this account for dictionary attacks?

No. The calculator assumes all passwords are random. Real-world attackers exploit common patterns, so avoid predictable substitutions and reuse.

What entropy level should I target?

Aim for at least 64 bits for important accounts and 100+ bits for long-term secrets. Many password managers default to 128-bit strength.

Why is the time-to-crack estimate so rough?

Hardware speeds vary, and attackers may exploit leaks or rules rather than pure brute force. The estimate offers a conservative baseline.

How do custom characters help?

Adding unique characters expands the charset and increases entropy. This is useful for passphrases that include spaces or unicode symbols.