Password Policy Checker

Test a password against customizable security rules.

PasswordMin Length

○Minimum length

○Uppercase letter (A-Z)

○Lowercase letter (a-z)

○Number (0-9)

○Special character (!@#...)

Enable/Disable Rules:

Minimum lengthUppercase letter (A-Z)Lowercase letter (a-z)Number (0-9)Special character (!@#...)No spacesNo repeated characters (aaa)

About This Tool

The Password Policy Checker validates a password against a set of configurable security rules in real time. Rules include minimum length, uppercase, lowercase, digit, special character requirements, no spaces, and no repeated characters.

Each rule can be individually enabled or disabled to match your organization's policy. All processing runs locally in your browser — your password is never sent to any server.

How to Use

Type the password you want to check into the input field.
Set the minimum length and enable the rules you want to enforce.
Each rule shows a pass/fail indicator that updates as you type.
Use the strength bar to see the overall password strength at a glance.

Use Cases

The Password Policy Checker is used to validate passwords during sign-up, verify compliance with security policies, test password validation logic during development, and create security awareness training materials.

FAQ

What happens when I disable a rule? — Disabled rules are excluded from the check. Only active rules contribute to the strength score.
Is my password sent anywhere? — No. All checks run in JavaScript in your browser. Your password never leaves your device.
What minimum length should I set? — NIST recommends at least 8 characters. For sensitive services, 12–16 characters or more is advisable.