A-Z Popular Blog Security Search »
Information Security
 Advertisements
Related Guides
Information Security
top   »  information technology   »  information security   »  authentication   »  password entropy

What is Password Entropy?

 , updated on
Password entropy is a measure of the strength of a password based on information theory. This is a function of the permissible character set and password length that is expressed in bits. As bits can be either 0 or 1, a 50 bit password would require a maximum of 250 tries to guess with certainty.
Generally speaking, password entropy is good at establishing an upper bound of guesses for a password. It is naive when it comes to the actual number of guesses. Password entropy looks only at the length and character set of a password. It doesn't consider the possibility of intelligent guesses. For example, most password guessing algorithms would guess a common password such as p@ssw0rd right away.
Overview: Password Entropy
Type
Authentication
Information Security
Definition (1)
A measure of the strength of a password based on the number of bits that are required to represent it. This is a function of character set and password length.
Definition (2)
A measure of password strength based on information theory that represents the maximum number of guesses a brute-force method would require to guess a given password.
Related Concepts
Brute Force
Strong Password
Authentication
Information Security

Information Security

This is the complete list of articles we have written about information security.
Audit Trail
Canary Trap
Confidential Information
Critical Infrastructure
Cryptographic Keys
Cryptographic Salt
Cryptography
Cybersecurity Risk
Data Breach
Data Remanence
Data Room
Data Security
Deep Magic
Defense In Depth
Degaussing
Digital Identity
Failure Of Imagination
Geofencing
Hardening
Honeypot
Incident Response
IoT Security
Key Stretching
Network Security
Non-repudiation
Nonce
Operations Security
Overlay Network
Password Entropy
Password Fatigue
Proof Of Work
Sandbox
Secure Code Review
Security As A Service
Security Controls
Zero-day
More ...
If you enjoyed this page, please consider bookmarking Simplicable.
 
Cite »

Authentication

A list of authentication techniques and considerations.

Password Entropy

An overview of password entropy.

Identification vs Authentication

The difference between identification and authorization.

Authentication vs Authorization

A few examples of the difference between authentication and authorization.

Security vs Privacy

The relationship between security and privacy.

Hardening

An overview of technology hardening.

Deep Magic

An overview of deep magic, a technology term.

Defense In Depth

An overview of defense In depth.

Encryption Examples

A definition of encryption with examples.

Canary Trap

A definition of canary trap with an example.

Honeypot

A definition of honeypot with examples.

Security Through Obscurity

A definition of security through obscurity with an example.

Tokens

A definition of token with examples.

Backdoor

A definition of backdoor with examples.

Trending

The most popular articles on Simplicable in the past day.

New Articles

Recent posts or updates on Simplicable.
Site Map
Benchmarking
Business Analysis
Coding
Communication
Compliance
Networking
Computing
Creativity
Cryptography
Data
Design
Design Thinking
Governance
Information Security
Information Technology
Infrastructure
Knowledge Management
Management
Metrics
Organizational Culture
Problem Solving
Productivity
Project Management
More ...
© 2010-2023 Simplicable. All Rights Reserved. Reproduction of materials found on this site, in any form, without explicit permission is prohibited.

View credits & copyrights or citation information for this page.

Home About     Privacy Policy     Cookies Terms of Use     Contact Us Search


Cookies help us deliver our services. You have choices regarding these cookies. Please visit our privacy policy, cookie policy and consent tool to learn more.


Copyright 2002-2024 Simplicable. All rights reserved. This material may not be published, broadcast, rewritten, redistributed or translated. Report violations here.