1. Evaluating a Predictable Complex Password
Security AnalystBackground
An analyst wants to show a client why their policy-compliant password is actually weak.
Problem
The password passes basic length and character-type rules but is highly vulnerable to dictionary attacks.
How to use
Enter 'P@ssword123!' into the password field, select 'Offline, fast hash' as the attack scenario, and enable the pattern breakdown.
Password: P@ssword123!, Attack Scenario: Offline fast hash (10 billion/s)Outcome
The tool reveals a high Shannon entropy but a very low effective entropy, showing that zxcvbn immediately flags the dictionary word and common l33t substitutions.