Password Crack Time Calculator

Password Crack Time Calculator

Connect via MCP →

Enter Calculation

Formula

Advertisement

Results

Estimated Time to Crack (brute force)
208.83
seconds
Character set size 26
Total combinations 208,827,064,576
In hours 0.06
In days 0
In years 0

What this calculator does

The Password Crack Time Calculator estimates how long an attacker would need to brute-force a password by trying every possible combination. It is based purely on the size of the keyspace and the attacker's guessing speed, giving you a quick sense of how much stronger a longer or more complex password really is.

How to use it

Enter the password length (number of characters), tick the character sets your password draws from, and set the attacker's guesses per second. A modern GPU rig can do roughly one billion (1,000,000,000) fast-hash guesses per second, which is a reasonable default. The result shows the worst-case time to exhaust the entire keyspace, expressed in seconds, hours, days, and years.

The formula explained

The total number of possible passwords is the character set size raised to the power of the length: \(C = N^{L}\). Dividing that by the attacker's guesses per second gives the time to try them all:

$$t = \frac{N^{L}}{G}$$

The character set size N adds up: lowercase (26), uppercase (26), digits (10) and symbols (32), so a full mix gives \(N = 94\).

Exponential curve showing crack time rising steeply as password length increases
Each extra character multiplies the number of combinations, so crack time rises exponentially with length.
Diagram relating character set size N, password length L, and guess speed G to crack time
Crack time grows as the character set size raised to the password length, divided by the attacker's guess speed.

Worked example

Take an 8-character lowercase password (\(N = 26\), \(L = 8\)) against an attacker doing 1 billion guesses/second. Combinations = \(26^{8} = 208{,}827{,}064{,}576\). Crack time:

$$t = \frac{208{,}827{,}064{,}576}{1{,}000{,}000{,}000} \approx 208.83 \text{ seconds}$$

— under four minutes. Add uppercase, digits, and symbols (\(N = 94\)) and the same length jumps to \(94^{8} \approx 6.1 \times 10^{15}\) combinations, or about 70 days.

FAQ

Is this exact? No. It is the theoretical maximum for pure brute force. Real attackers use dictionaries, leaked password lists, and patterns, so a guessable password falls far faster than this estimate.

What guess rate should I use? It depends on the hash. Fast hashes (MD5, unsalted) allow billions per second; slow hashes (bcrypt, Argon2) allow only thousands. Lower G means a much longer crack time.

How do I make a strong password? Length beats complexity. Each extra character multiplies the keyspace by N, so a long passphrase is dramatically harder to crack than a short complex one.

Last updated:

Related calculators

  • Password Combination Calculator

    Calculate the total number of possible password combinations and entropy in bits from your character set size and password length.

  • Password Entropy Calculator

    Calculate password entropy in bits from length and character set. See strength and estimated crack time using the formula bits = length × log2(charset).

  • Streaming Data Usage Calculator

    Estimate how much data Netflix, YouTube and other streaming uses by quality and hours. Convert bitrate (Mbps) and viewing time into GB used per day and month.

  • Byte Converter (KB, MB, GB, TB, PB)

    Convert digital storage units instantly. Switch between bytes, KB, MB, GB, TB and PB using the binary 1024 base. Free, fast online byte converter.

  • Screen Resolution to Megapixels Calculator

    Convert any screen or image resolution in pixels to megapixels. Enter width and height to get total pixel count and megapixel value instantly.