by vsipuli 4770 days ago
Obviously you shouldn't enter your real passwords there, but the site could have a valid use for discovering the strength of passwords you would generate for some hypothetical service that is actually not used.
2 comments

It doesn't even have merit there because its figures are completely wrong:

First of all it doesn't take into account GPU cracking techniques - in fact it uses an average desktop PC as the processing power gauge (completely ignoring that password crackers would be running on highly powerful, bespokely configured systems).

Next it doesn't take into account modern dictionary attacks - sometimes people will have a seemingly secure password but it's actually a common term and thus included in password dictionaries.

And to top it all off, there are no details about how long it would take against different encryption cyphers (the best cyphers are designed to be computationally expensive - but sadly a lot of sites are still using SHA128/256, or worse yet, MD5).

It's rare that I'm this rude about other people's projects, but that site is total garbage. In fact it's worse than garbage because it deludes people into thinking their passwords are secure when often they're not. It's alarming how quickly hackers can rattle off password attempts these days - to quote a recent Ars article[1] "Using a commodity computer with a single AMD Radeon 7970 graphics card, it took him 20 hours to crack 14,734 of the hashes, a 90-percent success rate." and that's an extremely low-spec machine compared to most.

[1] http://arstechnica.com/security/2013/05/how-crackers-make-mi...
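
Added example, not part of the original comment: a small strength estimator that includes the three factors the comment says the site ignores (guess rate of the hardware, dictionary-derived passwords, and the cost of the hash). The wordlist, guess rates, variant count and sample passwords are constructed assumptions for illustration, not measurements or figures from the thread.

```python
import string

# Constructed sample wordlist; real cracking dictionaries hold millions of entries.
WORDLIST = ["password", "letmein", "dragon", "monkey", "sunshine"]

# Assumed guess rates in guesses/second (illustrative orders of magnitude,
# not measurements and not figures from the thread).
RATES = {
    "desktop CPU, fast hash": 1e6,
    "single GPU, fast hash": 1e9,
    "single GPU, slow hash": 1e4,
}

# Assumed number of rule-generated variants (case, leet, suffixes) tried per word.
MANGLE_VARIANTS = 10_000

LEET = str.maketrans("4@301!5$7", "aaeoiisst")


def charset_size(pw):
    """Alphabet size a naive per-character brute force has to cover."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(cls) for cls in classes if any(c in cls for c in pw))


def dictionary_guesses(pw):
    """Guesses until a wordlist-plus-rules attack hits pw, or None if it never does."""
    base = pw.lower().rstrip(string.digits + string.punctuation).translate(LEET)
    if base in WORDLIST:
        return (WORDLIST.index(base) + 1) * MANGLE_VARIANTS
    return None


def guesses_needed(pw):
    """Dictionary cost if pw derives from a listed word, else average brute force."""
    hit = dictionary_guesses(pw)
    return hit if hit is not None else charset_size(pw) ** len(pw) // 2


def crack_seconds(pw, rate):
    return guesses_needed(pw) / rate


if __name__ == "__main__":
    for pw in ("P4ssw0rd1", "xk#9Lq2v"):  # constructed sample passwords
        for label, rate in RATES.items():
            print(f"{pw!r:12} {label:24} {crack_seconds(pw, rate):.3g} s")
```

A pure character-class estimate treats both sample passwords as comparable, while the dictionary branch shows the first one falling in a fraction of a second at any of the assumed rates.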

"the site could have a valid use for discovering the strength of passwords you would generate"

That's what I did - generate a new password using my usual method.

Apparently "it would take a desktop PC about 13 duovigintillion years to crack your password" - is that long enough?