[MattPalmer1086]

Replying to self...

I guess it's not a useful measure of password strength, even if possible. Any password that doesn't repeat any letters will have identical entropy by this measure.

So 123456789 will be the same Shannon entropy as Ar4e$hUa^

[throwawayffffas]

Entropy is really a measure of password length.

[MattPalmer1086]

That's basically right for passwords.

Of course, if we impose password complexity requirements (e.g. must have a digit or an uppercase letter), it actually reduces the entropy in the password!

[aeternum]

Entropy is a measure of the potential state space. So password length matters a lot but so does the size of the character set.