Score password strength using a zxcvbn-inspired entropy model that rewards length and character diversity while penalizing dictionary words and predictable patterns.
Metrics returned
- Score (0–4) — qualitative band from very weak to very strong
- Entropy (bits) — estimated guessing difficulty based on charset size and length
Processing runs entirely in the browser; the password never leaves your device.
What increases strength
Longer passphrases, mixed case, digits, symbols, and random ordering raise entropy. Common passwords (password123), keyboard walks (qwerty), and leaked-base terms score poorly even with superficial complexity.
When to use it
Educate users during signup flows, audit policy compliance in UX mockups, or compare passphrase versus complex-short-password strategies.
Limitations
Heuristic scoring cannot detect breaches of your specific hash database or guess personal context (pet names, birthdays) unless they appear in the embedded dictionary. A high score does not replace multi-factor authentication or unique passwords per site.