Password Genie is a Python-based security learning tool that generates passwords, evaluates their strength, calculates password entropy, and estimates the time required to crack them using modern attack assumptions.
This project demonstrates practical cybersecurity concepts such as secure randomness, entropy-based strength evaluation, and password attack resistance.
-
Secure Password Generation
- Generates passwords using cryptographically secure randomness via Python’s
secretsmodule.
- Generates passwords using cryptographically secure randomness via Python’s
-
Password Strength Evaluation
- Rates passwords as Weak, Moderate, Strong, or Very Strong based on length and character diversity.
-
Entropy Calculation
- Calculates password entropy (randomness) to quantify resistance against guessing attacks.
-
Crack Time Estimation
- Estimates how long a modern GPU-based attacker would take to crack the password based on entropy.
-
Automatic Password Hardening
- If a password is not rated Very Strong, the tool can automatically improve it by increasing entropy and complexity.
-
Interactive CLI Experience
- Users can generate, analyze, and iteratively strengthen passwords in an interactive session.
-
Attack Awareness
- Explains which common password attacks a very strong password helps defend against.
This project uses only Python’s standard library and no external dependencies are required.
Modules used:
secretsstringremathtimehashlib
- Clone or download the repository.
- Ensure Python 3.6+ is installed.
- Open a terminal and navigate to the project directory.
- Run:
python pw-genie.py
PW Genie: Password Generator & Strength Checker
Enter password length (e.g., 12 for a moderate password): 12
✔ Secure password generated using cryptographic randomness.
Generated password: fT9!kQ2@ZxM#
Strength: Strong
Entropy: 78.2 bits
Estimated time to crack: 4.3 million years
Would you like to improve this password to a very strong level? (y/n): y
Improving password...
[██████████████████████████] 100%
Password successfully hardened!
Final password: \25BQ$MjkaDj5p
Final strength: Very Strong
Final entropy: 91.76 bits
Estimated crack time: 13,295 million yearsPasswords are evaluated using:
- Length
- Character diversity (lowercase, uppercase, digits, symbols)
- A simplified scoring model (designed for educational clarity)
Entropy is calculated using:
entropy = length × log₂(character pool size)Higher entropy corresponds to greater resistance against guessing attacks such as dictionary attacks, credential stuffing, password spraying, and full brute-force attacks.
Crack time is estimated using entropy-based assumptions and simulated modern GPU attack speeds.
⚠️ These values are approximations, not guarantees. 📢
-
Uses
secretsinstead ofrandomfor cryptographically secure generation -
Avoids storing or logging passwords
-
Encourages long, unique, & high-entropy passwords
-
Considers real-world password attack models
Contributions are welcome. Feel free to fork the repository, submit pull requests, or open issues for bugs or feature suggestions.
This project is intended for educational purposes only. Do not use generated passwords in production environments without proper security review, organizational approval, and additional protections such as password managers and multi-factor authentication.
This project is licensed under the MIT License - see the LICENSE
file for details.
This project includes a .gitignore file to avoid tracking unnecessary files in the future (e.g., Python bytecode, virtual environments). Be sure to have a similar .gitignore if you're working on your own version of the project.
- Python - secrets
- Python - hashlib
- Python - re, regex
- Python - strings
- Python - time
- Python - math
- GeeksforGeeks, Generating Strong Passwords
- GeeksforGeeks, Password Entropy