Password Entropy Explained: Why 80 Bits Keeps Hackers Out (2026)
Entropy measures how hard a password is to guess — in bits. Here's the formula, what 80 bits actually means, and why length beats complexity every time.
When a security tool tells you your password has "80 bits of entropy," most people nod and move on. The number sounds technical. But entropy is actually one of the most useful concepts in password security — and once you understand it, you'll never think about passwords the same way.
What password entropy means
Entropy, in information theory, measures unpredictability. In the context of passwords, it answers a specific question: how many guesses does an attacker need, on average, to crack this password by brute force?
The answer is 2^(entropy bits). A password with 40 bits of entropy requires an average of 2^40 = roughly 1 trillion guesses. A password with 80 bits requires 2^80 ≈ 1.2 quintillion guesses.
The difference between 40 bits and 80 bits isn't 2×. It's 2^40 ≈ 1 trillion times harder.
The formula
Password entropy is calculated as:
entropy (bits) = length × log₂(pool size)
Where pool size is the number of distinct characters the password can use:
| Character set | Pool size | Bits per character |
|---|---|---|
| Digits only | 10 | 3.32 |
| Lowercase letters | 26 | 4.70 |
| Upper + lowercase | 52 | 5.70 |
| Alphanumeric (upper + lower + digits) | 62 | 5.95 |
| Full printable ASCII (all types) | 95 | 6.57 |
A 16-character password using all character types: 16 × 6.57 = 105 bits. A 16-character lowercase password: 16 × 4.70 = 75 bits. Both are strong. The difference is about 30 bits — meaningful, but not the most efficient use of complexity.
What different entropy levels mean in practice
Modern GPUs can make billions to hundreds of billions of password guesses per second — depending on the hashing algorithm the breached site used. Hive Systems publishes an annual table showing crack times by password type.
| Entropy | Crack time (offline, fast hash) | Assessment |
|---|---|---|
| < 30 bits | Milliseconds | Completely insecure |
| 30–40 bits | Minutes to hours | Weak |
| 40–60 bits | Days to months | Fair — not recommended |
| 60–80 bits | Decades | Strong for most uses |
| 80–100 bits | Longer than a human lifetime | Very strong |
| 100+ bits | Longer than the universe's age | Practically uncrackable |
Proton's password entropy guide uses 75 bits as the threshold for "strong" passwords. Most security researchers put the recommended minimum at 80 bits for standard accounts, with 100+ bits for high-value targets like email, banking, and work systems.
Why length beats complexity
Here's the key insight: each additional character multiplies the search space by the pool size. Each additional character type adds less than one bit per character.
Example: Adding one character to a 15-char lowercase password adds 4.70 bits. Switching the entire password from lowercase to all-character-types adds only 1.87 bits per character — so switching a 15-char lowercase password to 15-char all-types gives 15 × 1.87 = 28 extra bits. But adding 6 more characters (lowercase) gives 6 × 4.70 = 28 bits.
Same gain. One approach is adding 6 characters. The other is adding all those complexity rules.
Combining length and complexity is optimal. But if you have to choose, length wins every time.
Human-chosen passwords have much less entropy than they seem
A 16-character human-chosen password is not 75 bits of entropy. Humans are terrible at true randomness. We favor:
- Known words
- Names and dates
- Keyboard patterns
- Simple substitutions (a→@, e→3)
- Starting with a capital letter and ending with numbers
Empirical studies on password datasets from breaches show that human-chosen passwords have effective entropy 3–5× lower than mathematical entropy would suggest for the same character count.
This is the core argument for random password generators. A generator using crypto.getRandomValues() produces passwords where the mathematical entropy is the real entropy — no human bias, no patterns, no guessable structure.
How to get 80+ bits without thinking about it
Just use a generator with sensible settings:
| Length | Characters | Entropy |
|---|---|---|
| 16 | Alphanumeric only | 95 bits |
| 16 | All types | 105 bits |
| 20 | Lowercase only | 94 bits |
| 20 | All types | 131 bits |
| 24 | All types | 157 bits |
Any of the above gets you to 80+ bits comfortably. The default 16-character alphanumeric password from a good generator is strong enough for virtually every use case.
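The generator approach described above, as an added example that is not from the original page or from Utilia's tool: it applies entropy = length × log₂(pool size) and draws each character with crypto.getRandomValues(), using rejection sampling so every character is uniform over the pool. All function and constant names are assumptions made for this example.

```javascript
// Added example, not the site's code; all names here are illustrative.
// Browsers and Node 19+ expose Web Crypto globally; older Node needs the fallback.
const webCrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const LOWER = 'abcdefghijklmnopqrstuvwxyz';
const POOLS = {
  lowercase: LOWER,                                          // 26 characters
  alphanumeric: LOWER + LOWER.toUpperCase() + '0123456789',  // 62 characters
  // Printable ASCII 0x20-0x7E, space included: the 95-character pool.
  printable: Array.from({ length: 95 }, (_, i) => String.fromCharCode(0x20 + i)).join(''),
};

// entropy (bits) = length × log2(pool size); holds only for uniformly random picks.
function entropyBits(length, poolSize) {
  return length * Math.log2(poolSize);
}

// Smallest length whose entropy reaches targetBits for a given pool size.
function minLengthFor(targetBits, poolSize) {
  return Math.ceil(targetBits / Math.log2(poolSize));
}

// Uniform index in [0, n) by rejection sampling. A plain `byte % n` favours
// low indices whenever 256 is not a multiple of n, which lowers real entropy.
function uniformIndex(n) {
  if (!Number.isInteger(n) || n < 1 || n > 256) throw new RangeError('pool size must be 1..256');
  const limit = 256 - (256 % n); // largest multiple of n that fits in one byte
  const buf = new Uint8Array(1);
  for (;;) {
    webCrypto.getRandomValues(buf);
    if (buf[0] < limit) return buf[0] % n; // discard bytes in the biased tail
  }
}

function generatePassword(length, pool) {
  let out = '';
  for (let i = 0; i < length; i++) out += pool[uniformIndex(pool.length)];
  return out;
}

// Usage: shortest password reaching an 80-bit target with each pool.
for (const [name, pool] of Object.entries(POOLS)) {
  const len = minLengthFor(80, pool.length);
  console.log(name, len, entropyBits(len, pool.length).toFixed(1), JSON.stringify(generatePassword(len, pool)));
}
```

Without the rejection step, `byte % 95` would map three byte values to each of the first 66 characters and only two to each of the rest, so the formula would overstate the generated password's entropy.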
Generate a password with live entropy display — watch the bits counter as you adjust length and character sets.
Frequently asked questions
How many bits of entropy does a password need?
80 bits is the common recommendation for standard accounts. For high-value accounts (email, banking, anything with financial access), 100+ bits is better. Below 60 bits is not recommended for anything important.
Is 128 bits of entropy necessary?
128 bits is the threshold used for cryptographic keys — genuine mathematical certainty against brute force for millennia. For passwords, 80–100 bits is sufficient because most attacker time is spent on credential stuffing (trying known breached passwords), not brute forcing from scratch.
Does password entropy matter if I use a password manager?
Yes — but the reasoning changes. With a password manager, your risk isn't brute force on individual passwords; it's a compromise of the manager itself or the master password. High-entropy generated passwords protect you against individual site breaches and credential stuffing.
What's the entropy of a random 16-character password?
With all character types (95-character pool): 16 × log₂(95) ≈ 105 bits. With alphanumeric only (62-character pool): 16 × log₂(62) ≈ 95 bits. With just lowercase (26-character pool): 16 × log₂(26) ≈ 75 bits.
Why does the entropy formula use log₂?
Because we measure entropy in bits — base-2 units. log₂(pool size) tells you how many bits of information each character position carries. A character from a 26-character alphabet carries log₂(26) ≈ 4.7 bits. A coin flip carries log₂(2) = 1 bit exactly.
Put entropy to work: use Utilia's free password generator to generate cryptographically random passwords with measurable entropy, right in your browser.