Why Password Generator Entropy Numbers Actually Matter
Most password generators show an entropy number nobody reads. Here's what 60 vs 80 vs 128 bits actually means in practice.
Every password generator worth using shows you an entropy number. Most people glance at it, see 'strong', and move on. The number is doing real work though, and being able to read it changes how you set policies and how you use generators day to day.
Entropy is measured in bits. Each bit doubles the search space an attacker has to traverse. So a 60-bit password is twice as hard to guess as a 59-bit password and a billion times harder than a 30-bit password. The search space grows exponentially with the bit count, and intuition is bad at exponential growth.
Real-world thresholds:
— Below 40 bits: trivially crackable on a single GPU in seconds. Anything in this range is just not a password.
— 40 to 60 bits: crackable by a motivated attacker with rented compute, hours to days. Acceptable only when paired with rate limiting and lockout (most web logins).
— 60 to 80 bits: out of reach for individual attackers but within reach of well-funded ones (state-level, organized crime). Reasonable for most use cases.
— 80 to 128 bits: out of reach for everyone except in scenarios involving years of dedicated cluster time. The bar most security guides aim at.
— 128+ bits: cryptographic-strength. Used for keys, not for things humans type. Overkill for a login password but appropriate for an API key or a vault master key.
A random 12-character password drawn from upper, lower, digits, and symbols (a 94-character set) gives you about 78 bits — solidly in the 'reasonable for most use cases' band. Bumping to 16 characters gets you to 105 bits and is the right setting for vault master passwords and admin credentials.
The two ways generators cheat: using a smaller charset than you think (some silently skip ambiguous characters, costing 5–10 bits), and using a non-cryptographic random source (Math.random in JavaScript is not cryptographically secure). Our generator uses crypto.getRandomValues, the browser's CSPRNG, and shows the actual charset size in the entropy calculation.
If you remember one thing: 16 characters from a full charset is a sensible default. Below 12 needs justification.