A-Z Popular Blog Security Search »
Information Security
Related Guides

What is Password Entropy?

 , updated on
Password entropy is a measure of the strength of a password based on information theory. This is a function of the permissible character set and password length that is expressed in bits. As bits can be either 0 or 1, a 50 bit password would require a maximum of 250 tries to guess with certainty.
Generally speaking, password entropy is good at establishing an upper bound of guesses for a password. It is naive when it comes to the actual number of guesses. Password entropy looks only at the length and character set of a password. It doesn't consider the possibility of intelligent guesses. For example, most password guessing algorithms would guess a common password such as p@ssw0rd right away.
Overview: Password Entropy
Definition (1)
A measure of the strength of a password based on the number of bits that are required to represent it. This is a function of character set and password length.
Definition (2)
A measure of password strength based on information theory that represents the maximum number of guesses a brute-force method would require to guess a given password.
Related Concepts

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Digital Identity
Failure Of Imagination
Incident Response
IoT Security
Key Stretching
Network Security
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Secure Code Review
Security As A Service
Security Controls
More ...
If you enjoyed this page, please consider bookmarking Simplicable.


A list of authentication techniques and considerations.

Password Entropy

An overview of password entropy.

Identification vs Authentication

The difference between identification and authorization.

Authentication vs Authorization

A few examples of the difference between authentication and authorization.

Security vs Privacy

The relationship between security and privacy.


An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.


A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.


A definition of token with examples.


A definition of backdoor with examples.
The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map