Guessing Entropy

nouncandidate·updated May 12, 2026

GlossaryL1 — what DictionaryL2 — how used ThesaurusL3 — relations Universaleverything

A measure of the difficulty that an Attacker has to guess the average password used in a system. In this document, entropy is stated in bits. When a password has n-bits of guessing entropy then an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution.

Framework senses

2 senses across 2 frameworks

NISTIR 7298: Glossary of Key Information Security Terms, Revision 21 senseview framework →

§1: A measure of the difficulty that an Attacker has to guess the average password used in a system. In this document, entropy is stated in bits. When a password has n-bits of guessing entropy then an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution.

NIST SP 800-631 senseview framework →

§1: A measure of the difficulty that an Attacker has to guess the average password used in a system. In this document, entropy is stated in bits. When a password has n-bits of guessing entropy then an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution.