A new report suggests that younger generations may have weaker passwords than their older counterparts.
And Canadians are among those who use some of the most common login passwords rather than more secure options.
NordPass, a password manager for corporate and private clients, has published a list of the top 200 passwords for 2025 with the help of an independent cybersecurity researchers. The data was collected as a result of public data leaks and dark web repositories from September 2024 to September 2025.
The company claims that simple passwords are extremely easy to guess, but many, including Canadians, seem to ignore the warnings.
Overall, the list of most common passwords in Canada was topped by “admin”, followed by “123456”, then “galant123”, followed by “password”, and the fifth most common was “1hateyou”.
The report states that globally, the most common password is “123456”, followed by “admin” and “12345678” in third place.
NordPass says perhaps most surprising is the use of shared passwords among younger Canadians, who are more likely to have grown up in an online world compared to older generations.
The researchers highlight that number combinations such as “12345” rank high across all age groups and are more likely to be used by Generation Z and Millennials, who appear to be less likely to use names in their passwords.
Get the latest national news
To stay on top of news affecting Canada and the world, sign up for breaking news alerts delivered directly to you as they happen.
Meanwhile, older generations are more likely to use names in their passwords and more often in combination with numbers, starting with Generation X and peaking among Baby Boomers, according to the report.
For example, NordPass reports that among Gen Xers, the most common name used as a password is “Veronica,” while Baby Boomers most often use “Maria,” and the Silent Generation's most common name used as a password is “Susana.”
The most commonly used special character in passwords was “@,” and the report said it was used in passwords that looked simple, such as “P@ssw0rd,” “Admin@123,” or “Abcd@1234.”
Researchers in the report say the vast majority of data breaches are caused by compromised, weak and reused passwords.
Passwords are not the only security tool
NordPass says that while education and awareness of how to create stronger, more difficult-to-predict passwords are key to online security, new and more secure methods are gradually becoming more common.
This includes the use of passwords, biometrics and multi-factor authentication.
The Canadian Cyber Security Center states that the more complex the password guessing or account access requirements, the stronger a person's cybersecurity will be.
For example, center encourages people to use a passphrase consisting of four or five words typed together, a complex password that includes upper and lower case characters as well as special characters, and tools such as multi-factor authentication.
However, since they are not as widely used, NordPass says strong passwords are still important.
The company adds that people should never reuse passwords and should try to have unique passwords for each account. Passwords should also be regularly reviewed with what NordPass calls a “sanity check” to identify weak, old, or reused passwords.
For those who feel like they can't remember all their passwords or feel overwhelmed, the Canadian Cyber Security Center says a strong, carefully chosen password management tool may be a good option.
© 2025 Global News, a division of Corus Entertainment Inc.
:quality(85):upscale()/2024/08/13/730/n/1922729/aca6ec8e66bb8a5a992b74.38487236_.png?w=150&resize=150,150&ssl=1 "I Tried Taylor Swift’s Posture-Correcting Sports Bra")
