Digital Native Password Security
New NordPass research challenges password-habits-just-153139966.html” title=”Gen Z's … Habits Are Just as Bad as Everyone Else's”>digital native password security, showing teenagers use passwords as weak as older adults.
NordPass and NordStellar released their seventh Top 200 Most Common Passwords report. The study covers 44 countries and groups exposed passwords by generation, from young adults to the oldest users.
Across every age bracket, simple numeric strings dominate. For each group, “12345” and “123456” sit among the top choices, despite years of public warnings.
Karolis Arbaciauskas, head of product at NordPass, says the overall picture shows only slow progress. “Generally speaking, despite all efforts in cybersecurity education and digital awareness over the years, data reveals only minor improvements in password hygiene. The world is slowly moving towards passkeys — a new passwordless authentication method based on biometric data — but in the interim, until passkeys become ubiquitous, strong passwords are very important. Especially since around 80% of data breaches are caused by compromised, weak, and reused passwords, and criminals will intensify their attacks as much as they can until they reach an obstacle they can’t overcome,” says Arbaciauskas.
Generations Choose Similar Weak Codes
The research directly confronts the idea that younger users understand security better because they grew up online. “The password habits of 18-year-olds are similar to those of 80-year-olds. Number combinations, such as ‘12345’ and ‘123456,’ are in the top spots across all age groups. The biggest difference is that older generations are more likely to use names in their passwords,” says Arbaciauskas.
Generations Z and Y rarely use personal names. Instead, they prefer sequences such as “1234567890” and cultural references like “skibidi.” That pattern still leaves accounts open to simple automated guessing.
Older generations bring in more names. Among Generation X, “Veronica” appears frequently. Baby Boomers often choose “Maria.” The Silent Generation uses “Susanna” more than other names.
Digital native password security, the report suggests, mirrors older habits rather than improving on them. In each group, convenience wins over complexity.
Numbers and Special Characters Still Predictable
Numbers dominate both global and generational lists. Sequences from “12345” to “1234567890” and combinations like “qwerty123” sit near the top in many countries.
Compared with last year, more passwords now include special characters. On the global list, 32 passwords contain special characters, up from six a year earlier. Yet many follow predictable patterns such as “P@ssw0rd,” “Admin@123” and “Abcd@1234,” which automated tools guess quickly.
The word “password” remains popular worldwide, in English and in local forms such as “password,” “password,” “countermeasure” and “password.”
NordPass closes the report with practical advice. It recommends long, random passwords or passphrases, no reuse across accounts, regular password reviews, password managers and multi-factor authentication.
As passkeys roll out over time, NordPass hopes better tools and clear rules will finally lift digital native password security for every age group.
NordPass data shows “digital natives” pick passwords as weak as seniors, with “123456” and “password” still ruling accounts worldwide.
