UtilityBase logoUtilityBase

2 min read

How Password Entropy Works (Why Length Beats Complexity)

What entropy bits actually measure, why a longer simple password beats a short complex one, and how the math translates to real-world cracking time.

Entropy is a count of possibilities

Password strength is measured in bits of entropy — a logarithmic count of how many equally likely passwords an attacker must consider. Each additional bit doubles the search space: 40 bits means about a trillion possibilities; 60 bits is a million times more than that; 80 bits, a million times more again.

The formula is simple: entropy = length × log₂(pool size), where the pool is how many characters each position could be. Lowercase only gives log₂(26) ≈ 4.7 bits per character; adding uppercase, digits, and symbols raises the pool to about 90, or roughly 6.5 bits per character. Crucially, this math only holds for randomly generated passwords — a human-chosen password built from words and predictable substitutions has far less real entropy than its length suggests, because attackers guess patterns, not raw combinations.

Why length beats complexity

Compare two policies. An 8-character password using all 90 symbol types: 8 × 6.5 ≈ 52 bits. A 14-character lowercase-only password: 14 × 4.7 ≈ 66 bits — over 16,000 times stronger, and far easier to type. Each extra character multiplies the search space by the whole pool size, while widening the pool only nudges the per-character exponent.

This is why modern guidance (including NIST's) emphasizes length over mandatory symbol rules. Complexity requirements mostly cause predictable patterns — the capital first letter, the trailing '1!' — which crackers try first. A long random string, or a passphrase of four to five truly random words, delivers real entropy without the theater.

From bits to cracking time

What do the bits buy you? A serious offline attacker with GPUs can test billions to trillions of guesses per second against a stolen database of fast hashes. At a very aggressive 1 trillion guesses/second: 40 bits falls in about a second, 52 bits in an hour and a half, 66 bits in a couple of years, 80 bits in tens of thousands of years, and 100+ bits outlasts the solar system.

That's the worst case — sites that hash passwords properly (bcrypt, scrypt, Argon2) slow attackers by factors of thousands to millions. But since you can't verify a site's hashing from the outside, aim for strength that survives the worst case: 75–80+ bits, which the password generator on this site reads out live as you adjust length and character sets. Sixteen random characters from a full pool comfortably clears 100 bits.

  1. 1Open the Password Generator and enable all four character sets.
  2. 2Set the length to at least 16 — watch the entropy readout clear 100 bits.
  3. 3For passwords you must type often, prefer length over symbols: 20 lowercase characters beats 10 complex ones.
  4. 4Use a unique password per account, stored in a password manager — entropy can't save a password reused on a breached site.

Frequently asked questions

Is a passphrase of words really secure?

Yes, if the words are chosen randomly from a large list. Four words from a 7,776-word list is about 51.7 bits; five words is ~64.6; six is ~77.5. The words must be truly random — lyrics, quotes, or phrases you'd naturally think of have drastically less entropy.

Does changing one character when reusing a password help?

Barely. Attackers who obtain one of your passwords automatically try close variants — appended digits, swapped symbols, incremented numbers. Unique random passwords per site are the only real defense against reuse attacks.

Why do sites still force symbol requirements?

Legacy policy inertia. Composition rules predate modern research showing they produce predictable patterns without much real entropy. Comply where required, but get your actual strength from length and randomness.

Tools mentioned in this guide

Keep reading