Password Strength Analyzer & Entropy Calculator

A client-side web application that analyzes password strength, calculates entropy, detects patterns, estimates crack times, and provides improvement suggestions. All analysis is performed locally in your browser - no data is sent to any server.

Features

• Password Strength Scoring: Uses zxcvbn by Dropbox for industry-standard password strength estimation
• Visual Strength Indicator: Color-coded strength meter (0-4 scale) showing password strength at a glance
• Pattern Detection: Identifies dictionary words, keyboard patterns, sequences, and repeated characters
• Crack Time Estimation: Estimates time to crack using different attack methods (online throttled/unthrottled, offline slow/fast hashing)
• Improvement Suggestions: Provides actionable feedback and suggestions to improve password strength
• Character Set Analysis: Shows which character types are used (lowercase, uppercase, digits, symbols)
• Real-time Analysis: Updates all metrics as you type
• 100% Client-side: All processing happens in your browser - no network requests

Technology Stack

• React 18: UI framework
• Tailwind CSS: Styling
• Vite: Build tool and dev server
• zxcvbn: Password strength estimation library by Dropbox

Setup

1. Install dependencies:

npm install

2. Start the development server:

npm run dev

3. Open your browser and navigate to the URL shown in the terminal (usually http://localhost:5173)

Build for Production

To build the application for production:

npm run build

The built files will be in the dist directory. You can preview the production build with:

npm run preview

Usage

1. Type a password in the input field
2. View real-time analysis including:
   • Password strength score (0-4 with color-coded indicator)
   • Estimated guesses needed to crack
   • Character set composition (lowercase, uppercase, digits, symbols)
   • Detected patterns (dictionary words, keyboard patterns, sequences, repeats)
   • Estimated crack times for different attack scenarios
   • Feedback and suggestions for improvement

Strength Levels

The tool uses zxcvbn's 0-4 scoring system:

• 0 - Very Weak: Red (too guessable: risky password)
• 1 - Weak: Orange (very guessable: protection from throttled online attacks)
• 2 - Fair: Yellow (somewhat guessable: protection from unthrottled online attacks)
• 3 - Good: Light Green (safely unguessable: moderate protection from offline slow-hash scenario)
• 4 - Strong: Dark Green (very unguessable: strong protection from offline slow-hash scenario)

Security Notes

• All analysis is performed entirely in your browser
• No password data is transmitted over the network
• No external APIs are called
• You can safely analyze passwords without privacy concerns

License

MIT