Password Strength Checker

Evaluate password strength and potential risks based on length, character sets, and common patterns (computed locally; nothing is uploaded).

1. Password Input
Avoid typing your real “master password” directly. You can test the rules with a placeholder password that has the same structure.

Tip: Strong passwords are usually longer (≥12), use more character types, and avoid common words, sequences, and repeats.
Online attacks are usually throttled by CAPTCHAs and lockout policies, so they are slow; offline attacks depend on the hashing algorithm and hardware.
These checks only deduct points and flag risks; the password is not uploaded or logged. Refresh the page to clear it.
3. Notes
  • Does this tool upload my password?
    No. All computation happens locally in your browser, and the page does not send your password to any server. You can keep using it after going offline.
  • How is the score calculated?
    The score combines three parts:
    (1) length (longer is better), (2) character variety (the more of upper/lower case, digits, and symbols, the better), and (3) pattern penalties (common weak passwords, repeats, sequences, years, and similar patterns lose points).
  • What does “charset space / entropy” mean?
    We use a rough model: if a password is drawn from a character set (for example upper and lower case + digits + symbols), the number of possible combinations is about N^L (N is the charset size, L is the length). This helps you see why adding length and character variety matters.
  • Is the crack-time estimate reliable?
    It is only an order-of-magnitude reference. Real-world outcomes also depend on the strength of the hashing algorithm (bcrypt/argon2 vs. MD5), whether a salt is used, lockout policies, attacker resources, and so on.
  • Common mistakes
    Using common strings such as “Password123!”, “qwerty”, or “admin”;
    Using a birthday, phone number, company name, or username;
    Making only simple substitutions (a→@, o→0, i→1) while the whole is still a dictionary word;
    Reusing the same password across multiple sites (very high credential-stuffing risk).
  • Recommended approach
    Increase length first: at least 12 characters, and 16 or more for important accounts;
    Use a password manager to generate and store random passwords;
    Or use a long passphrase: several unrelated words plus separators, with some variation added;
    Enable two-factor authentication (2FA/MFA) on critical accounts.
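
The rough N^L model and the pattern checks described in the notes above, as an added example (not this tool's own code). The pool sizes, the short common-word list, and the caller-supplied guess rate are assumptions chosen for illustration:

```javascript
// Added example: rough N^L model plus pattern checks. Pool sizes and the
// tiny word list are assumptions for illustration, not the tool's values.
const POOLS = [[/[a-z]/, 26], [/[A-Z]/, 26], [/[0-9]/, 10], [/[^A-Za-z0-9]/, 33]];
const COMMON = ["password", "qwerty", "admin"];   // constructed sample list
const LEET = { "@": "a", "0": "o", "1": "i" };    // substitutions named on the page

// N: sum of the sizes of every character pool the password draws from.
function charsetSize(pw) {
  return POOLS.reduce((n, [re, size]) => n + (re.test(pw) ? size : 0), 0);
}

// log2(N^L) = L * log2(N); bits are easier to compare than raw N^L.
function entropyBits(pw) {
  const n = charsetSize(pw);
  return n ? pw.length * Math.log2(n) : 0;
}

// Three consecutive ascending or descending characters (abc, 321, ...).
function hasSequence(pw) {
  for (let i = 0; i + 2 < pw.length; i++) {
    const d = pw.charCodeAt(i + 1) - pw.charCodeAt(i);
    if (Math.abs(d) === 1 && pw.charCodeAt(i + 2) - pw.charCodeAt(i + 1) === d) return true;
  }
  return false;
}

// Returns the names of the penalty patterns found in the password.
function findPatterns(pw) {
  const lower = pw.toLowerCase();
  const unleet = [...lower].map(c => LEET[c] || c).join("");
  const hits = [];
  if (COMMON.some(w => lower.includes(w))) hits.push("common-word");
  else if (COMMON.some(w => unleet.includes(w))) hits.push("leetspeak-word");
  if (/(.)\1{2,}/.test(pw)) hits.push("repeat");
  if (hasSequence(lower)) hits.push("sequence");
  if (/(?:19|20)\d{2}/.test(pw)) hits.push("year");
  return hits;
}

// Average case: half the N^L space at the given guesses per second.
function crackSeconds(pw, guessesPerSecond) {
  if (!pw) return 0;
  return Math.pow(2, entropyBits(pw) - 1) / guessesPerSecond;
}
```

“P@ssw0rd2024” scores about 79 bits under N^L alone yet is flagged as a leetspeak dictionary word with a year, which is why the pattern penalties sit on top of the length and charset terms.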

Disclaimer: This tool is for security education and self-checking only. It does not constitute any security guarantee or compliance commitment. Always evaluate it together with your system's actual controls (lockout, MFA, hashing algorithm).