As cyberattacks and breaches increase in number, using the best password managers and utilizing increased password strength are just one element of cybersecurity to be on top of.
The increasing sophistication of attacks means that strong passwords are a key barrier against these threats. Conversely, poor passwords are often a seriously weak link in organizational security, and even with the best password managers for business (opens in new tab), you could see breaches because people just don't realize how easy their passwords are to crack.
Below, we've outlined five of the best free options for testing password strength online. Using these services only takes a minute or two, and it's well worth it given you can protect accounts and data with improved security. Increasing password strength is one sure-fire way to improve online security for you and your business.
LastPass is a popular password manager for iOS and Android users. Like NordPass, LastPass offers a premium subscription, but the password strength test is available for free on the LastPass website. The tool works locally, so your information won’t be transmitted to LastPass servers.
While LastPass provides more information than Kaspersky, it isn’t as detailed as some of the other alternatives. It also doesn’t check information from previous data breaches, which can help you avoid using a password that’s already compromised.
Overall, LastPass is an excellent password manager (opens in new tab), but it isn’t quite as effective at evaluating potential passwords. UIC offers the most thorough analysis, and other sites stand out from LastPass by looking at data breaches. That said, LastPass is a sufficiently helpful option for most use cases.
NordPass is developed by the same team that’s behind NordVPN (opens in new tab), and its password strength checker is just as effective. You can access the password strength tool without creating an account or starting a subscription. That said, NordPass is a good app to consider if you’re looking for a way to securely store and share passwords.
NordPass uses a number of criteria to evaluate your password, including length and the presence of symbols, numbers, and both uppercase and lowercase letters. It then uses that information to generate an estimated time to crack, but it’s worth mentioning that these estimates aren’t an exact science. The service also checks previous data breaches to verify that your password isn’t already compromised.
Like NordPass, Kaspersky’s password strength tool comes from an established player in online security. Kaspersky has a wide range of other services, including antivirus software and virtual private networks (opens in new tab). You can check your password strength on the website without signing up or downloading an application.
While Kaspersky offers decent analysis, it doesn’t quite match up to UIC’s comprehensive reporting. Adding an explanation point to a password was enough to make it “hack-resistant,” but there wasn’t any detailed information about the password’s strength and weaknesses. That said, Kaspersky goes beyond UIC by checking for passwords in previous breaches.
We tested a number of password strength tools, but the University of Illinois at Chicago Password Strength Test was undoubtedly the most comprehensive. It provides fine-grained analysis that covers every aspect of each password, making it easy to identify weaknesses and make the necessary adjustments.
The website has a basic list of requirements, including length (eight or more characters), character diversity (one capital letter, one lowercase letter, and one number or punctuation), and no repeating patterns, dictionary worms, or common names. There’s also a thorough list covering other best practices, such as creating a unique password for new accounts rather than using the same one for every website.
UIC differentiates its password strength checker from other tools through its helpful analysis. While most sites use a few factors to check each password, UIC uses a total of 16. You’ll be able to identify common mistakes, like repetition or consecutive numbers, that most tools don’t look for. Unfortunately, the UIC password strength tool doesn’t look at data breaches, so you’ll need to check NordPass or another site if you want that information.
Comparitech is an online security firm that sells cloud storage (opens in new tab), antivirus (opens in new tab) solutions, VPNs, and other common tools. Like the other services on this list, Comparitech provides password strength tests through its website rather than requiring users to sign up or download an application.
Data is often targeted while in transit, so Comparitech never transfers your information to its servers. The password strength tool works locally and comes with many of the same insights available with other providers. Comparitech will flag length, character similarities, dictionary words, and other common issues.
Even if you know that capital letters, symbols, and length can make a password stronger, it can be tough to evaluate your own passwords and keep your information secure. These are just a few of the best sites to use if you want to check the strength of an existing or potential password.
Further reading on password managers
If you're looking for password management on a budget, check out our guide to the best free password managers (opens in new tab). Lost your password? Use one of the best password recovery tools (opens in new tab), and regain access to your important accounts.
Should you still be wondering whether to invest in a password manager, it's best to learn the top five things you need to consider before buying a password manager (opens in new tab). If you've got concerns about security and safety, take a look at why open-source password managers (opens in new tab) and password managers are safe (opens in new tab).