$^$^$^_ and $^$^$^z are both recognized by zxcvbn as bruteforce regions. it reports the entropy as:
n log (c)
for a length-n password with symbol space c.
the huge difference in crack time is because zxcvbn is using c==33 (symbols only) for $^$^$^_ and c==59 (symbols + a-z) for $^$^$^z
$^$^$^i is in the middle -- 'i' is considered a dictionary match, the rest is c==59 bruteforce.
the bigger problem is $^$^$^ isn't recognized as a pattern, but i'm working on ways to improve bruteforce estimation too. good example!
n log (c)
for a length-n password with symbol space c. the huge difference in crack time is because zxcvbn is using c==33 (symbols only) for $^$^$^_ and c==59 (symbols + a-z) for $^$^$^z
$^$^$^i is in the middle -- 'i' is considered a dictionary match, the rest is c==59 bruteforce.
the bigger problem is $^$^$^ isn't recognized as a pattern, but i'm working on ways to improve bruteforce estimation too. good example!