I found another good resource to to check how is safe or weak a password. In the example below, I tested an easy password : " password " and The Password Checker ( Strength Test - http://rumkin.com/tools/password/passchk.php ) gives an estimation about how strong is this password in terms of strenght, entropy and charset size.
- Warnings are shown if you enter a common password.
- Warnings are shown if your password is very short (4 or less characters) or if it is short (less than 8 characters)
- Password strength is determined with this chart, which might be a bit of a stretch for a non-critical password:
< 28 bits = Very Weak; might keep out family members
28 - 35 bits = Weak; should keep out most people, often good for desktop login passwords
36 - 59 bits = Reasonable; fairly secure passwords for network and company passwords
60 - 127 bits = Strong; can be good for guarding financial information
128+ bits = Very Strong; often overkill
- The number of bits listed for entropy is an estimate based on letter pair combinations in the English language. To make the frequency tables a reasonable size, I have lumped all non-alphabetic characters together into the same group. Because of this, your entropy score will be lower than your real score when you use several symbols.
- For determining the character set, letters are grouped into a-z, A-Z, numbers, symbols above numbers, other symbols, and other characters. If your passphrase contains a character from the subset, that subset is added to the pool, increasing the size of the character set and increasing the amount of entropy in your password.
Link : Strength Test