info@hackr.io 
Fact checked by Want to create a robust Python password strength checker to analyze password security? This project will guide you through building a command-line tool that evaluates the strength of a password based on entropy, length, and character diversity.
What You Will Learn:
- Understanding password strength evaluation
- Using entropy for password security analysis
- Implementing getpass for secure password input
- Validating user input and character diversity
- Creating a loop for multiple checks
Step 1: Setting Up the Project
Before we start coding, let’s set up our Python project:
1. Make sure Python is installed on your computer. If not, download it from the official Python website.
2. Open your favorite code editor or IDE.
3. Create a new Python file, for example, password_checker.py.
Great, now, let's dive head first into our Python editor to get this build started.
Step 2: Understanding How the Password Strength Checker Works
Our program will:
- Prompt the user to enter a password securely using
getpass. - Evaluate the password’s strength based on length, character variety, and entropy.
- Provide feedback on password quality and improvements.
- Allow the user to check multiple passwords in a loop until they decide to exit.
Step 3: Importing Required Modules
We need three Python modules:
import random # For generating random numbers
import os # To clear the screen
Why Do We Use These Modules?
-
string → Provides predefined character sets (lowercase, uppercase, digits, special characters).
-
getpass → Allows secure password entry without displaying it on the screen.
-
math → Used to calculate password entropy for strength evaluation.
Now that we have our required modules, let's move on to defining our functions.
Step 4: Implementing Password Entropy Calculation
Let's start by writing the core password evaluation functions.
MIN_LENGTH = 8 # Minimum recommended password length
def calculate_entropy(password):
"""Calculates entropy based on character diversity and length."""
charset_size = 0
if any(c in string.ascii_lowercase for c in password):
charset_size += 26
if any(c in string.ascii_uppercase for c in password):
charset_size += 26
if any(c in string.digits for c in password):
charset_size += 10
if any(c in string.punctuation for c in password):
charset_size += len(string.punctuation)
if any(c.isspace() for c in password):
charset_size += 1
return len(password) * math.log2(charset_size) if charset_size else 0How It Works:
-
Identifies character diversity by checking if the password contains lowercase, uppercase, digits, special characters, or spaces.
-
Uses entropy calculation to determine password strength using the formula
entropy = length * log2(character_set_size). -
Higher entropy = stronger password, making it harder for attackers to guess.
Why Do We Use Entropy?
Entropy is a scientific measure of password strength. Instead of just checking if a password contains numbers or symbols, entropy estimates how unpredictable a password is:
-
Higher entropy → More combinations → Harder to crack.
-
Lower entropy → Easier to guess → Weaker security.
By using entropy-based evaluation, we provide a better security analysis rather than just counting characters.
Now that we have password entropy in place, let’s proceed to evaluating password strength and user feedback.
Step 5: Checking Password Strength
Now, let's implement the function that analyzes password strength and provides feedback:
def check_password_strength():
"""Evaluates password strength based on entropy and diversity."""
password = getpass.getpass('Enter your password: ')
if len(password) < MIN_LENGTH:
print(f"⚠️ Your password is too short! It must be at least {MIN_LENGTH} characters.")
return
lower_count = sum(1 for c in password if c in string.ascii_lowercase)
upper_count = sum(1 for c in password if c in string.ascii_uppercase)
num_count = sum(1 for c in password if c in string.digits)
special_count = sum(1 for c in password if c in string.punctuation)
wspace_count = sum(1 for c in password if c.isspace())
entropy = calculate_entropy(password)
# Classifying password strength
if entropy < 28:
remarks = "⚠️ Very Weak: Easily guessable! Change it immediately."
elif entropy < 36:
remarks = "⚠️ Weak: Can be cracked quickly. Use a stronger password."
elif entropy < 60:
remarks = "✅ Moderate: Decent password, but can still be improved."
elif entropy < 80:
remarks = "✅ Strong: Hard to guess, but consider making it longer."
else:
remarks = "✅ Very Strong: Excellent password! Highly secure."
# Display password analysis
print("\n🔎 Password Analysis:")
print(f"🔹 {lower_count} lowercase letters")
print(f"🔹 {upper_count} uppercase letters")
print(f"🔹 {num_count} digits")
print(f"🔹 {special_count} special characters")
print(f"🔹 {wspace_count} whitespace characters")
print(f"🔹 Entropy Score: {entropy:.2f} bits")
print(f"🔹 Remarks: {remarks}\n")How It Works:
-
Analyzes password diversity by counting lowercase, uppercase, digits, special characters, and whitespace.
-
Uses entropy score to classify the strength of the password.
-
Provides clear feedback on how secure the password is via various Python f-strings.
By implementing this analysis, users get a comprehensive breakdown of their password’s security level.
Now that we can evaluate password strength, let’s move on to looping the process for multiple checks.
Step 6: Looping for Multiple Checks
To allow users to check multiple passwords, we add a while loop:
def check_another_password():
"""Asks the user if they want to check another password."""
while True:
choice = input("🔄 Do you want to check another password? (y/n): ").strip().lower()
if choice == 'y':
return True
elif choice == 'n':
print("👋 Exiting... Stay secure!")
return False
else:
print("⚠️ Invalid input. Please enter 'y' or 'n'.")How It Works:
-
Continuously prompts users to check another password.
-
Ensures only valid responses (
yfor yes,nfor no) are accepted. -
Provides a smooth user experience by keeping the program interactive.
By implementing this, users can evaluate multiple passwords in a single session.
Now that we have an interactive password checker, let’s move on to finalizing the program execution.
Step 7: Running the Program
Finally, we ensure the script runs correctly when executed:
if __name__ == '__main__':
print("===== 🔑 Welcome to Password Strength Checker 🔑 =====")
while check_another_password():
check_password_strength()Why Is This Needed?
-
Ensures the script runs only when executed directly.
-
Prevents unintended execution when imported as a module.
-
Creates a structured workflow that loops through password checks.
By using this structure, we keep the program organized, user-friendly, and maintainable. Now, your password strength checker is fully functional and ready to use.
Final Code: Password Strength Checker
import string # For checking character diversity
import getpass # For secure password input
import math # For entropy calculation
# Minimum recommended password length
MIN_LENGTH = 8
def calculate_entropy(password):
"""Calculates entropy based on character diversity and length."""
charset_size = 0
if any(c in string.ascii_lowercase for c in password):
charset_size += 26
if any(c in string.ascii_uppercase for c in password):
charset_size += 26
if any(c in string.digits for c in password):
charset_size += 10
if any(c in string.punctuation for c in password):
charset_size += len(string.punctuation)
if any(c.isspace() for c in password):
charset_size += 1
return len(password) * math.log2(charset_size) if charset_size else 0
def check_password_strength():
"""Evaluates password strength based on entropy and diversity."""
password = getpass.getpass('Enter your password: ')
if len(password) < MIN_LENGTH:
print(f"⚠️ Your password is too short! It must be at least {MIN_LENGTH} characters.")
return
lower_count = sum(1 for c in password if c in string.ascii_lowercase)
upper_count = sum(1 for c in password if c in string.ascii_uppercase)
num_count = sum(1 for c in password if c in string.digits)
special_count = sum(1 for c in password if c in string.punctuation)
wspace_count = sum(1 for c in password if c.isspace())
entropy = calculate_entropy(password)
# Classifying password strength
if entropy < 28:
remarks = "⚠️ Very Weak: Easily guessable! Change it immediately."
elif entropy < 36:
remarks = "⚠️ Weak: Can be cracked quickly. Use a stronger password."
elif entropy < 60:
remarks = "✅ Moderate: Decent password, but can still be improved."
elif entropy < 80:
remarks = "✅ Strong: Hard to guess, but consider making it longer."
else:
remarks = "✅ Very Strong: Excellent password! Highly secure."
# Display password analysis
print("\n🔎 Password Analysis:")
print(f"🔹 {lower_count} lowercase letters")
print(f"🔹 {upper_count} uppercase letters")
print(f"🔹 {num_count} digits")
print(f"🔹 {special_count} special characters")
print(f"🔹 {wspace_count} whitespace characters")
print(f"🔹 Entropy Score: {entropy:.2f} bits")
print(f"🔹 Remarks: {remarks}\n")
def check_another_password():
"""Asks the user if they want to check another password."""
while True:
choice = input("🔄 Do you want to check another password? (y/n): ").strip().lower()
if choice == 'y':
return True
elif choice == 'n':
print("👋 Exiting... Stay secure!")
return False
else:
print("⚠️ Invalid input. Please enter 'y' or 'n'.")
if __name__ == '__main__':
print("===== 🔑 Welcome to Password Strength Checker 🔑 =====")
while check_another_password():
check_password_strength()
Wrapping Up
Congratulations! You’ve built a fully functional Password Strength Checker in Python.
What You Learned:
- Password entropy calculation
- Validating password length and diversity
- Secure password input using getpass
- Continuous password checks with a loop
Next Steps:
- Add a password breach check using HaveIBeenPwned API.
- Suggest stronger passphrase alternatives if a password is weak.
- Build a GUI version using Tkinter or PyQt.
The best way to learn is by building projects, so keep coding!
