Password Strength Scorer

Password Strength Scorer MCP Connector for Claude

F

Evaluate any password using the Dropbox zxcvbn engine — the same algorithm protecting 700M+ users. Returns a 0-4 score, real crack time estimates, and actionable improvement suggestions. No AI can do this.

1 tools Official Updated Jun 28, 2026 Official Vinkius Partner

Ask an AI if 'P@ssw0rd123' is a strong password. It will say 'yes — it has uppercase, lowercase, numbers, and symbols.' That's wrong. zxcvbn cracks it in under a second because it recognizes the pattern: 'Password' + common l33t substitutions + sequential numbers.

No AI can truly evaluate password strength. This MCP uses the Dropbox zxcvbn engine — the same algorithm trusted by 700M+ users — which performs real combinatorial analysis against dictionaries, keyboard patterns, dates, and l33t-speak.

The Superpowers

  • Real Science, Not Rules: Doesn't check 'has uppercase + number'. Analyzes actual crack difficulty using pattern matching and combinatorics.
  • 4 Attack Scenarios: Crack time estimates for online throttled, online unthrottled, local slow hash, and local fast hash.
  • Actionable Feedback: Returns specific warnings ('Common l33t substitution') and improvement suggestions.
  • 100% Local: The password never leaves the engine. Zero network calls. Zero data leakage.
password-strengthentropy-analysissecurity-best-practicescrack-time-estimationauthentication-security

1 tools expose this connector's capabilities to your AI agent.

score_password_strength

The zxcvbn engine (created by Dropbox) detects common patterns, dictionary words, keyboard sequences (qwerty, zxcvbn), dates, and l33t-speak substitutions. It returns a score from 0 (very weak) to 4 (very strong), estimated crack times for different attack scenarios, and actionable feedback. No AI can truly evaluate password strength — this engine uses real combinatorial analysis. Evaluates password strength using the Dropbox zxcvbn engine. Returns a 0-4 score, crack time estimates, and improvement suggestions

See how to talk to your AI agent using Password Strength Scorer.

Our new hire set their password to 'Summer2024!'. Is that actually secure?

Score: 1 (Weak). Warning: Common word + predictable year + single symbol. Crack time: 3 minutes local. Suggest: use unrelated words.

Is 'correct horse battery staple' really stronger than 'Tr0ub4dor&3'?

Yes. 'correct horse battery staple': Score 4 (Very Strong), centuries to crack. 'Tr0ub4dor&3': Score 1, common l33t pattern.

Audit our auto-generated API keys for security compliance before deployment.

Score: 4 (Very Strong). Crack time: centuries at 10B guesses/sec. Entropy exceeds compliance minimum.

AI checks superficial rules like 'has uppercase + number + symbol'. zxcvbn does combinatorial analysis — it knows 'P@ssw0rd' is just 'Password' with l33t substitutions, and rates it as weak despite passing every 'rule-based' check.

Related Connectors