Dadan/Getty Images
It would appear that Gen Z is no more tech-savvy than Baby Boomers when it comes to cybersecurity, according to new research released by the password management program Nordpass. Working with a related cybersecurity site Nordstellar, NordPass pulled data from public breaches and dark web repositories between September 2024 and September 2025. The methodology isn't entirely clear (NordPass doesn't specify if this is just their user base or a broader sample.), but the findings paint an interesting picture: When it came to setting passwords, 18-year-olds and 80-year-olds weren't so different.
Overall, 123456 was the most popular password choice globally, which has been the case for six out of seven years that Nordpass has published this data. Coming in second was "admin," though this password claims the number one spot in the United States. Rounding out the list are variations of the "1234" sequence and the old classic "Password."
Differences were pretty minimal across age groups. However, Gen Z's password choices tend to mirror whatever is trending online, with "skibidi" cracking the top 10 for the demographic. On the other hand, some of the older generations on the list tended to include names like "maria," "susana," or "veronica."
How to better protect your accounts online
R.bussarin/Shutterstock
Simple passwords like "123456" continue to be a popular choice for one reason: People prioritize convenience over security. It's understandable why. The average American manages over 100 digital accounts, so keeping track of strong, unique passwords for each one is genuinely overwhelming. Even though we all know about data breaches and get constant reminders to protect ourselves, most of us still fall back on passwords we can remember without thinking twice.
This is exactly why password managers exist. They create strong passwords for your digital accounts, store them securely, and fill them in automatically whenever you need them. All the guesswork is eliminated, and you avoid reusing passwords across accounts, which is basically an open invitation for hackers. Passkeys, which use biometric authentication to sign on, can be another solid option. A lot of password managers support this now, and it's way more convenient than trying to remember a complicated password.
If you want to beef up your online security even further, you should enable two-factor authentication. Pairing your password with an authentication app from companies like Microsoft or Google adds a second barrier that attackers cannot easily bypass. Even if your password shows up in a breach, that extra layer can stop malicious attempts in their tracks.
