Transparent attack assumptions
Password Crack Time Calculator
Calculate theoretical entropy and average guessing time for a random password under clearly stated attack rates.
Random password configuration
Passwords are generated and evaluated locally in your browser using crypto.getRandomValues(). PwdGen does not upload or store generated values, and never includes password input in analytics. Strength and crack-time results are estimates, not guarantees.
Estimated average crack time
Adjust the assumptions to calculate- Entropy ceiling
- —
- Estimated time
- —
How to read the estimate
This calculator models uniformly random passwords. It does not claim that one GPU has a universal cracking speed because the rate depends heavily on the password hash, work factor, hardware, and attack setup.
Use the slow-hash and online scenarios when evaluating real account security. The fast-hash scenario is a deliberately harsh comparison, not a prediction for every breached database.
Password Crack Time Calculator FAQ
Is the estimate an exact RTX 4090 benchmark?
No. A GPU rate without a specific hash algorithm and benchmark date is misleading. The calculator exposes the guesses-per-second assumption instead.
Why is average time half the full search space?
For a uniformly random target, an exhaustive attacker finds the correct value halfway through the search space on average.
Does adding length help more than adding symbols?
Both increase search space. Additional unpredictable length often adds more practical resistance and is easier to use.