I'm not the biggest fan of the strength tester websites. They say "it would take about 100 years to crack this password", but that is a best case scenario (or worst case scenario for the bad actor). It'd only take 100 years if your password just happened to be the very last combination from all the millions of combinations, the chance of that is extremely unlikely, ie. it's almost certain that it'd take less than 100 years. For example, if your password was somewhere within the first 1% of the list of all possible combinations, it'd only take up to 1 year to brute force it.