
What is password entropy, really?

Entropy is the single number that tells you how hard a password is to guess. Strip away the jargon and it's just counting — here's the whole idea from first principles.

When we say a password has "128 bits of entropy," we mean an attacker who knows exactly how it was made would still have to try, on average, half of 2^128 possibilities to land on it. Entropy measures unpredictability — not how exotic the characters look.

The formula

For a password built by drawing each character independently and at random from a pool of R possible symbols, with length L, the entropy in bits is:

entropy (bits) = L × log₂(R)

Two levers, then: the pool size R and the length L. Each extra character adds a fixed log₂(R) bits, which is why length is the most reliable way to buy strength.

  • Lowercase only → R = 26 → log₂(26) ≈ 4.7 bits per character
  • Upper + lower + digits → R = 62 → log₂(62) ≈ 5.95 bits per character
  • Add symbols → R ≈ 95 → log₂(95) ≈ 6.57 bits per character
  • Raw hex → R = 16 → exactly 4 bits per character

The crucial caveat: randomness

That formula only holds when every character is chosen independently and uniformly at random. The moment a human picks the characters, the assumption collapses. P@ssw0rd1 draws from a 95-symbol pool across 9 characters — about 59 "theoretical" bits — yet a cracker breaks it instantly, because it's a dictionary word with predictable substitutions. The real entropy is close to zero.

This is why generation matters more than rules. A machine drawing from crypto.getRandomValues() actually achieves the entropy the formula promises. A human "being creative" almost never does.

What the numbers buy you

Assume a well-resourced offline attacker at 10^11 guesses per second against fast-hashed or unsalted data. Rough resistance by entropy:

Entropy    Example                    Time to exhaust the space
28 bits    "spring9!"                 < 1 second
50 bits    9 random alphanumerics     ~ 3 hours
75 bits    13 random alphanumerics    centuries
128 bits   a proper key               heat-death territory

A practical target: aim for 75+ bits for an account password and 128 bits for anything machine-to-machine, like an API key or session secret.

Mapping it back to the tools

  • Length beats complexity. Going from 12 to 16 random characters adds more entropy than sprinkling in symbols ever will.
  • Bigger pool, fewer characters needed. A 64-symbol URL-safe token packs 6 bits per character, so 22 characters clears 128 bits.
  • Hex is honest but verbose. At 4 bits per character you need 32 hex characters for a 128-bit key — which is exactly why 256-bit keys print as 64 hex digits.

See entropy live

The generator shows the bit-strength of every value as you adjust length and format; the audit tool reports entropy for any password — all in your browser.
