A command-line tool to analyze the strength of a password based on common security rules, scoring algorithms, and cryptographic entropy.

Description

This script provides a comprehensive analysis of a given password. Instead of just saying "weak" or "strong," it gives actionable feedback and calculates the password's entropy in bits, which is a logarithmic measure of how many guesses an attacker would need to crack it.
It's built to be simple, easy to use, and educational, demonstrating key concepts in cybersecurity and Python programming.

- Scoring Algorithm: Rates passwords as "Very Weak," "Weak," "Moderate," "Strong," or "Very Strong."
- Actionable Feedback: Provides specific tips for improvement (e.g., "Missing uppercase letter," "Avoid repetitive characters").
- Entropy Calculation: Calculates the password's theoretical strength in bits using the $Entropy = L \times \log_2(R)$ formula.
- Regex Checks: Uses regular expressions to validate the presence of:
  - Lowercase letters (a-z)
  - Uppercase letters (A-Z)
  - Numbers (0-9)
  - Special characters (!@#$...)
- Common Password Check: Instantly fails known weak passwords (e.g., "password", "123456").
- Secure Input: Uses getpass to hide the password as it's typed, so it's never shown on screen.

This script requires no external libraries and can be run directly from any terminal with Python 3 installed.
- Clone or Download: Save the code as password_checker.py.
- Run the Script: Open your terminal or command prompt, navigate to the directory where you saved the file, and run:

      python3 password_checker.py

- Enter Your Password: You will be prompted to enter a password. Your typing will be hidden for security.

      --- Python Password Strength Checker ---
      Enter a password to analyze. (It will not be shown on screen.)
      Password:

Here are a few examples of the analysis output.
Example 1: A Weak Password
Password:
--- Analysis Results ---
Rating: Weak
Score: 42%
Entropy: 33.22 bits
Feedback:
* Password is too short (minimum 8 characters).
* Missing uppercase letter (A-Z).
* Missing special character (e.g., !@#$).
* Low entropy (33.22 bits). A computer could crack this quickly.

Example 2: A Strong Password
Password:
--- Analysis Results ---
Rating: Very Strong
Score: 100%
Entropy: 91.75 bits
Feedback:
* Good length (12+ characters).
* Excellent entropy (91.75 bits). Very difficult to crack.

Example 3: An Extremely Common Password
Password:
--- Analysis Results ---
Rating: Very Weak
Score: 0%
Entropy: 0 bits
Feedback:
* This is an extremely common and weak password.

The tool analyzes passwords using two primary methods:
- Rules-Based Scoring: The script checks for common password requirements (length, character variety) using regular expressions (re module). It adds or subtracts points based on these rules to generate a final score and a human-readable rating.
- Entropy Calculation: This is a more theoretical measure of strength. The script first determines the size of the "character pool" (R) used in the password (e.g., 26 for lowercase, +26 for uppercase, +10 for numbers, +32 for symbols). It then uses the formula $Entropy = L \times \log_2(R)$, where L is the password length. The result (in "bits") provides a powerful way to compare password strength, as each additional bit doubles the number of guesses an attacker would need.
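
The entropy method described above can be sketched as follows. This is an added example, not the code of password_checker.py: the names `CLASSES`, `COMMON_PASSWORDS`, `pool_size` and `entropy_bits` are hypothetical, the common-password list is a constructed two-entry sample, and the case-insensitive match is an assumption.

```python
import math
import re
import string

# Character classes and pool sizes as described above: 26 + 26 + 10 + 32.
# string.punctuation holds exactly the 32 ASCII symbol characters.
CLASSES = [
    (re.compile(r"[a-z]"), 26),
    (re.compile(r"[A-Z]"), 26),
    (re.compile(r"[0-9]"), 10),
    (re.compile("[" + re.escape(string.punctuation) + "]"), 32),
]

# Constructed sample list; a real checker would load a much larger one.
COMMON_PASSWORDS = {"password", "123456"}


def pool_size(password):
    """Return R: the summed size of every character class present."""
    return sum(size for pattern, size in CLASSES if pattern.search(password))


def entropy_bits(password):
    """Return L * log2(R), or 0.0 for a known-common or empty password."""
    # Assumption: the common-password match ignores case.
    if password.lower() in COMMON_PASSWORDS:
        return 0.0
    r = pool_size(password)
    if r == 0:  # empty, or only characters outside the four classes
        return 0.0
    return round(len(password) * math.log2(r), 2)


if __name__ == "__main__":
    # Constructed sample inputs.
    for pw in ["password", "0123456789", "Summer2024!", "kV9#tq2LmZ&x4p"]:
        print(f"{pw!r:20} R={pool_size(pw):3d}  {entropy_bits(pw):6.2f} bits")
```

The formula assumes every character is drawn uniformly at random from the pool, so a patterned password such as "Summer2024!" still receives a high figure. Treat the result as an upper bound on guessing effort rather than a measurement of it.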