Overview
- NordPass and partner NordSteller analyzed passwords exposed in public breaches and dark‑web repositories from September 2024 to September 2025 to build global and country rankings.
- ‘123456’ was the most common password worldwide, with ‘admin’ second globally and the top choice in the US, UK, Canada, Australia and South Africa.
- Use of special characters rose to 32 entries in the top 200 from six last year, yet many follow predictable patterns such as P@ssw0rd or Admin@123.
- Across generations, behavior was largely uniform: Gen Z most often used ‘12345’, while Millennials, Gen X and Boomers favored ‘123456’.
- High reuse persists — NordPass reports 62% of Americans often or always reuse a password — and experts urge long unique passphrases, multi-factor authentication and password managers as passkeys and biometrics slowly gain ground.