The idea that digital natives are inherently more security-conscious continues to be debunked, as evidenced by NordPass’s latest study on the weakest passwords.
Like the Boomers, Gen Xers, and millennials before them, Gen Z can’t help but use poor password security. The top password among them is still “12345.”
(Credit: NordPass)
If you’re the techie person in your family or friend group, you’ve probably felt the pain of trying to encourage better digital security. No matter how many people get hacked, scammed, or have their identities stolen due to laughably insecure passwords, there’s always another person ready to reuse their favorite passcode for the 100th time.
Using public data breaches and dark web releases of password data, NordPass compiled a list of the 200 most common passwords in use today, and the list has barely changed over the seven years that NordPass has produced this report. “123456” is at number one with over 21.5 million entries. Some clever individuals decided to lengthen their number-only password to “12345678,” and a few million more added nine on the end, but that hardly makes it more secure.
Other standouts include the classics “admin,” “QWERTY,” and “password,” as well as “abc123,” and “Test@123.” At least that last one uses special characters and capitals, but they’re still easy to guess in that configuration.
One new avenue of research in this latest report, though, is how it breaks down by age group and generation. A common misconception is that because the younger generations grew up with technology like smartphones and internet access, they’d somehow know how to use it securely. That proves to be entirely wrong. Gen Z also favors strings of consecutive numbers, though the password at number seven is unique to the generation: “skibidi.”
Older internet users tend to favor women’s names: Maria, Susana, Silvia, Monica, and Claudia among Boomers, and Marta, Margarita, and Virginia for the Silent Generation.
Recommended by Our Editors
This suggests that password hygiene practices have barely improved over the decades, despite titanic efforts to shift them in the right direction. As many recent malware attacks and hacks have demonstrated, social engineering is often the most effective method for breaking into accounts and services. A big part of that is poor operational security and password strength.
If you or anyone you know is still using poor passwords, encourage them to at least use a password manager. NordPass is actually our pick for the best premium password manager. Proton Pass is the best free option.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy
Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
About Our Expert
Jon Martindale
Contributor
Experience
Jon Martindale is a tech journalist from the UK, with 20 years of experience covering all manner of PC components and associated gadgets. He’s written for a range of publications, including ExtremeTech, Digital Trends, Forbes, U.S. News & World Report, and Lifewire, among others. When not writing, he’s a big board gamer and reader, with a particular habit of speed-reading through long manga sagas.
Jon covers the latest PC components, as well as how-to guides on everything from how to take a screenshot to how to set up your cryptocurrency wallet. He particularly enjoys the battles between the top tech giants in CPUs and GPUs, and tries his best not to take sides.
Jon’s gaming PC is built around the iconic 7950X3D CPU, with a 7900XTX backing it up. That’s all the power he needs to play lightweight indie and casual games, as well as more demanding sim titles like Kerbal Space Program. He uses a pair of Jabra Active 8 earbuds and a SteelSeries Arctis Pro wireless headset, and types all day on a Logitech G915 mechanical keyboard.
Read Full Bio
