An easy way to protect yourself online is to maintain a strong password for all of your accounts.

Ready to test the strength of your password?

How do I use it?

  • Enter a password for any online account and tap the check button.
  • Check your results (they will show below the search box).
  • The aim is to have all three assessment fields come up green.
  • If you see a red box, it's time to level up your password game! Read the feedback in the results box and take immediate action to improve your password strength using the password tips. 
What will the tester check?

When you enter your password, the strength tester uses complicated algorithms to figure out how hard it is to guess. It then gives you tips on how to make stronger passwords.

It also lets you know if your password has been hacked or exposed in a data breach. It helps you understand the impact and what you can do to make your passwords safer.

The tester will assess your password based on:

  • Time to crack. How long it would take for a hacker to crack the password using a computer bot. 
  • Password strength.  Assessing the strength of the password based on complexity and guessability.
  • Exposure online. Compares the password to a database of exposed passwords. If it has been posted online or involved in a data breach it is at increased risk of being used to take over your accounts.
Is it safe to use?

It's a good thing you're reading this, being overly trusting is a quick way to get hacked. It's smart to practice caution, you should never put your personal information on a website you're not sure about.

The Password Strength Tester is anonymous, and your password never leaves your browser. We never collect, track, store, or send them, so no one can link them to your usernames, accounts, or websites.

Your password is assessed on the page, not on our servers. If you close the window or switch pages, the page will refresh.

ID Support NSW educates people on the importance of identity protection and how to keep personal information safe. The last thing we want is for passwords to be sent around carelessly.

Continue to be alert and cautious, paying special attention to websites that request personal information and passwords.

Password tips

Longer is stronger

Safe passwords have more than 12 characters (the more the merrier).

Don't give it up

Don’t share your passwords with other people or provide it in emails, phone calls or on suspicious websites.

Keep them guessing

Leave out personal information (e.g kids’/pets’ names) and words that could easily be guessed (e.g password)


Use a string of words that's easy for you to remember but hard for someone else to guess.

Do not recycle

Avoid using the same password on multiple online accounts.

Keep it fresh

Passwords don't get better with age. If you're worried yours is at risk - make a new one!

What makes a strong password?


Passwords, once considered the ultimate safeguard, are becoming less effective due to an emphasis on complexity. Complex passwords made it difficult for us to remember, and the logic easier for hackers and bots to crack. Despite this challenge strong passwords remain important. But what does strong mean?

The best way to secure your accounts is to use a passphrase. Using a passphrase requires less effort from you to remember, and more time and effort from hackers.

A passphrase is typically a password using 4 or more words totalling 14 characters or more.

Examples of good passphrases

Safer options are to use things that are not recorded, logged or traceable, like memories, slang words from childhood, lines from a song playing during your first kiss. It's your creative password licence.

  • 'They will never get my recipe.'
  • 'Only MC Hammer can touch this!'
  • 'Let's-get-crack-a-lackin'
  • 'Moments with you in Whitsundays',
  • 'Store bought coffee is not my cup of tea',
  • 'It's like rain on your wedding day',
  • 'It's the good advice that you just didn't take'.

By following this good advice, you'll create a strong passphrase and might have fun doing it.

Examples of not so good passwords

Passphrases are not fool proof. It is not safe to use your birth year, the names of family members, the names of your furry companions, or references to well known passions or hobbies in your password.  Remember that hackers feed bots as much of your personal information as they can in an effort to crack your password. 

  • Professional footballers' password: Soccer85
  • Your son's surfing inspired password: Grommy2008
  • Your password last year: Dashie05 (Dashie your furry friend)
  • Your password this year: Dashie 06 (Dashie features 8 times in social media posts).


We can help 

We can help you check, restore and protect your identity from misuse and identity crime.

Call ID Support NSW on 1800 001 040 9am to 5pm, Monday to Friday, or opt for our easy online call back form


The information and features provided on this page serve as general awareness and education resources. We have made every effort to create a reliable tool. However, please be aware that no application or piece of software can ensure absolute security. Consult with security experts for professional advice, as needed, where appropriate.

The Password Strength Tester aims to promote improved password practices and increase awareness regarding the risks associated with using guessable, weak, or exposed passwords. ID Support NSW does not guarantee password protection, assume liability for errors, commit to updating the results, or provide a warranty for the Password Strength Tester. By using the content and tools on this page, users acknowledge and release the creators and operators of the Password Strength Tester from any associated risks. Users are advised not to copy or disclose any information without obtaining written consent from ID Support NSW.

Acknowledgements: The data source for the leaked passwords is sourced from Troy Hunts Pwned Passwords API (

Top of page