Password Entropy Calculator
Estimate a password's theoretical entropy (in bits) from charset size N and length L, along with the number of combinations and a rough crack time.
What does it mean?
Password entropy is commonly used as a theoretical upper bound on randomness/uncertainty. This tool uses the most common idealized model: each character is chosen independently and uniformly at random from a character set of size N.
Under this assumption, a password of length L over a character set of size N has N^L combinations, and its entropy in bits is
log2(N^L) = L · log2(N).
How to choose N? Checking the character sets (lowercase/uppercase/digits/symbols) is a common approximation. If your system only allows certain characters (for example, it disallows spaces or some symbols), enter the value directly with “Custom N”.
Why “theoretical”? Real users often rely on predictable patterns: birthdays, the trailing digits of a phone number, name initials, keyboard walks (qwerty), repeats (aaaa), substitution rules (a→@), and so on.
All of these make the real search space far smaller than N^L.
How to read crack time? This tool gives an order-of-magnitude estimate as “combinations ÷ guess rate”, and by default shows the common intuition that on average half the space has to be searched (the average number of attempts is about 50% of the space).
In the real world, attackers usually try dictionary/rule-based attacks first, so many “high-entropy-looking” passwords can still fall quickly.
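The ideal model and its limits in code, as an added example that is not part of the original tool: it derives N from the character classes a password uses, computes L · log2(N) and the average crack time, then flags the predictable patterns described above. The word list, substitution map, 32-character symbol set and default guess rate of 1e10 per second are assumptions chosen for illustration.

```python
import math
import string

# Assumed character classes: ASCII letters, digits, the 32 chars of string.punctuation.
CLASSES = [string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation]
# Constructed samples standing in for a real dictionary and rule set.
COMMON_WORDS = {"password", "welcome", "dragon"}
KEYBOARD_ROWS = ["qwertyuiop", "asdfghjkl", "zxcvbnm", "1234567890"]
SUBSTITUTIONS = str.maketrans("@4310$5!", "aaeiossi")

def charset_size(password):
    """N: combined size of every character class the password draws from."""
    return sum(len(cls) for cls in CLASSES if any(c in cls for c in password))

def theoretical_bits(n, length):
    """Entropy in bits under the ideal model: L * log2(N)."""
    return length * math.log2(n)

def average_crack_seconds(n, length, guesses_per_second):
    """Half of the N^L space divided by the guess rate."""
    return n ** length / 2 / guesses_per_second

def pattern_flags(password):
    """Flag patterns that make the real search space smaller than N^L."""
    flags, lowered = [], password.lower()
    if any(w in lowered.translate(SUBSTITUTIONS) for w in COMMON_WORDS):
        flags.append("dictionary word after undoing substitutions")
    if any(row[i:i + 4] in lowered
           for row in KEYBOARD_ROWS for i in range(len(row) - 3)):
        flags.append("keyboard walk")
    if any(len(set(password[i:i + 4])) == 1 for i in range(len(password) - 3)):
        flags.append("repeated character run")
    return flags

def report(password, guesses_per_second=1e10):
    """Theoretical numbers next to the pattern flags for one password."""
    n = charset_size(password)
    return {"N": n,
            "bits": round(theoretical_bits(n, len(password)), 1),
            "avg_seconds": average_crack_seconds(n, len(password), guesses_per_second),
            "flags": pattern_flags(password)}

if __name__ == "__main__":
    for sample in ["P@ssw0rd", "qwerty1234", "kT7#vQ2mZx"]:  # constructed samples
        print(sample, report(sample))
```

A password that scores well on bits but returns any flag is one a dictionary/rule attack reaches long before the average-case time shown.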
Practical upgrades: For improvements that track real-world security more closely, prefer long passphrases, enable MFA/2FA, and make sure the server side uses slow hashes (bcrypt/argon2/scrypt) together with reasonable login rate-limiting/lockout policies.
Disclaimer: This tool is for education and estimation only and does not constitute a security audit or compliance advice. Real security depends heavily on each system's password policy, hashing algorithm and defenses, which vary widely.
