LiveIntel PassMeter
Password strength and crack-time analysis engine. PassMeter goes beyond naive length checks — exposing entropy weakness, dictionary presence, structural patterns, breach exposure, and estimated crack time in one API call.
Core Capabilities
PassMeter combines statistical analysis, linguistic heuristics, and live breach data to give you the most accurate strength assessment available.
Entropy Scoring
Shannon entropy calculation adjusted for character set size and password structure. Penalizes predictable character class patterns (e.g. "Aaaaaa1!") that game naive metrics.
Dictionary Detection
Multi-language dictionary matching with leet-speak normalisation, substring matching, and common concatenation detection (e.g. "password123" → dictionary word + digits).
Pattern Weakness Detection
Identifies keyboard walks (qwerty, 12345), date patterns, phone-number templates, repeated sequences, and other structural weaknesses that reduce effective entropy.
Breach Exposure Checks
k-anonymity prefix check against a continuously updated breach corpus (compatible with HaveIBeenPwned v3 API). No plaintext password ever leaves your network.
Actionable Feedback
Structured JSON feedback includes specific weakness reasons with user-friendly suggestion strings — ready to surface in your registration or password-change UI without extra dev work.
Crack-Time Estimation
Estimates offline crack time under GPU-accelerated attack scenarios (bcrypt, SHA-256, MD5) to give users intuitive feedback like "cracked in 3 seconds" vs "centuries".
Scoring Breakdown
PassMeter's composite score is derived from four weighted dimensions.