The world’s most common passwords usually follow the same formula
A new report finds that Gen Z has a weaker top password choice than older generations — by just one digit.
These days there’s always a big data breach in the news, as hackers keep employing sophisticated code-breaking techniques to crack into everything from food delivery services to fish tanks.
With the FBI receiving almost 860,000 complaints of internet crime last year and the world watching industry titans driven to the brink by devastating cyberattacks in recent months, you’d think that people in the digital realm might have strengthened up their passwords as a precaution.
Safety in numbers?
Well, seemingly not. A new report by NordPass and NordStellar analyzed public data breaches occuring in the 12 months to September 2025 to compile the world’s most common passwords — or, at least, the world’s most common leaked passwords — with “123456,” or variations thereof, dominating the list.
A whopping 21.6 million instances of just consecutive digits 1-6 were found — while variants of the words “admin” and, of course, “password,” as well as memorable keyboard sequences like “qwerty,” also featured heavily.
Even for esteemed institutions housing some of humanity’s most highly treasured artworks, security can often take a back seat to easy typing and instant recall. But, if looted priceless artifacts or losses from internet crime reaching over $16 billion in 2024 are anything to go by, it might be worth brushing up on your password etiquette should the above sound a bit too familiar.
Gen ***
Interestingly, the same report found that the password habits of Gen Z were similar to that of those 80 years and older, with both cohorts most frequently using “12345” as their password — with all the age groups in between seeing the slightly more complex “123456” edge it as their top pick.
Ironically, then, the generation raised by the internet might not be so cybersecure after all.
