The idea that digital natives are inherently more security-conscious continues to be debunked, as evidenced by NordPass's latest study on the weakest passwords.

Like the Boomers, Gen Xers, and millennials before them, Gen Z can't help but use poor password security. The top password among them is still "12345."

(Credit: NordPass)

If you're the techie person in your family or friend group, you've probably felt the pain of trying to encourage better digital security. No matter how many people get hacked, scammed, or have their identities stolen due to laughably insecure passwords, there's always another person ready to reuse their favorite passcode for the 100th time.

Using public data breaches and dark web releases of password data, NordPass compiled a list of the 200 most common passwords in use today, and the list has barely changed over the seven years that NordPass has produced this report. "123456" is at number one with over 21.5 million entries. Some clever individuals decided to lengthen their number-only password to "12345678," and a few million more added nine on the end, but that hardly makes it more secure.

Other standouts include the classics "admin," "QWERTY," and "password," as well as "abc123," and "Test@123." At least that last one uses special characters and capitals, but they're still easy to guess in that configuration.

Recommended by Our Editors

How We Test Password Managers

Still Using Passwords? It's Time to Upgrade to Passkeys Now

Don't Let Your Passwords Die With You. Here's How to Share Account Access Safely

One new avenue of research in this latest report, though, is how it breaks down by age group and generation. A common misconception is that because the younger generations grew up with technology like smartphones and internet access, they'd somehow know how to use it securely. That proves to be entirely wrong. Gen Z also favors strings of consecutive numbers, though the password at number seven is unique to the generation: "skibidi."

Older internet users tend to favor women's names: Maria, Susana, Silvia, Monica, and Claudia among Boomers, and Marta, Margarita, and Virginia for the Silent Generation.

This suggests that password hygiene practices have barely improved over the decades, despite titanic efforts to shift them in the right direction. As many recent malware attacks and hacks have demonstrated, social engineering is often the most effective method for breaking into accounts and services. A big part of that is poor operational security and password strength.

If you or anyone you know is still using poor passwords, encourage them to at least use a password manager. NordPass is actually our pick for the best premium password manager. Proton Pass is the best free option.