Answer Key to Calculating Password Entropy

• Home
• Meet Mr. P
• What's New
• Humor
• Quotes
• Links
• Puzzles & Games
• Poetry
• Algebra Lesson Plans
• Printer Version
• Back to Worksheet

Password strength is determined with this chart:
< 28 bits = Very Weak; might keep out family members
28 - 35 bits = Weak; should keep out most people, often good for desktop login passwords
36 - 59 bits = Reasonable; fairly secure passwords for network and company passwords
60 - 127 bits = Strong; can be good for guarding financial information
128+ bits = Very Strong; often overkill

While a password with 40-50 bits of entropy may be semi-safe now, it is only a matter of time until GPUs become more powerful, and password cracking takes less time!

---

1 - 10   Now calculate password entropy for the following passwords:

E = 37.6    1. password    
               R = 26 since its pool of characters is just the 26 lower case letters and L = 8 (the length) 

E = 45.6    2. Password 
               R = 52 and L = 8 

E = 28.2    3. qwerty 
               R = 26 and L = 6 

E = 31.0    4. abc123  
               R = 36 and L = 6 

E = 76.3    5. MrP*MathPage 
               R = 82 since it uses upper and lower case and ASCII characters  and L = 12

E = 19.93   6. 123456  
               R = 10 and L = 6 

E = 37.6    7. starwars  
               R = 26 and L = 8 

E = 37.6    8. baseball 
               R = 26 and L = 8 

E = 63.6    9. P33e=7a*E6m  
               R = 82 and L = 10 

E = 76.3   10. Q77a&-2kB4R2  
               R = 82 and L = 12 


R = 20     11. If the password entropy of an eight character password is 34.9 bits, 
		    what is the pool of characters? 

R = 12     12. If the password entropy of a twelve character password is 55.7 bits,  
		    what is the pool of characters?