what do u think of ur password strength?

Can I get a scale that goes to 50 chars?

Why is 106 years better than 3bn years.

The colors in this chart are an absolute joke.

123456789012345678 <-- that's 126 years. Impresive!

However, this table is not particularly accurate. Leaving the fact that hardware capabilities are not specified, the hardware is not unlimited. As the hacker does not know what types of chars are in your pw, he has to choose one of those columns. For instance if the hacker assumes you have <=8 symbols in your pw but doesn't know whether they are letters, numbers or others, if the hacker is determined to get your pw -- it might take him up to 57 days to break it as he'll be using the full dictionary. And you might get away with a simple qqweqrty as your pass.

If the hacker is not determined crack your pass in particular, he may go fishing with a simple bruteforce: trying lots of accounts in your company with ~15minutes of [a-z0-9]{,8} bruteforce each. At least one of them is likely to have a simple passphrase, and your qqweqrty is among them.

Point is: you may still have a weak password that would take a long time to break.

Most of my passwords would take about 1k years to crack... nice!

Most of my passwords are not on this chart.

Most of mine are at 193tn years, should be ok for a few years atleast. (although i'm fairly certain that hardware will get fast enough to crack it in seconds in much less than 193tn years)

Password strength is - after a certain level - useless.

Bruteforce cracking is usually not very rewarding...

I'd need this to go up to 150 chars at least...

Entropy matters most.

correct horse battery staple

I generate them with Keepass, usually 16 long, numbers, upper/lower case, symbols. So almost all of my passwords are 193tn years, great.

And then realize you put in that password into an outdated site using unsalted md5 (rainbows any "password" in seconds)

@hjk101 that's so sad

@hjk101 That's why you use a different password for each site.