The Most Popular Passwords For A Baby Boomer Could Cost You

For seven years, password manager NordPass has released a list of the most commonly used passwords. However, when breaking down these passwords by generation, the top five passwords chosen by baby boomers, in particular, did not show much creativity. From September 2024 to September 2025, the top three passwords for baby boomers consisted of a string of sequential numbers: 123456, 123456789, and 12345. The No. 4 most commonly used password is a relatively common name — Maria. Per NordPass, across countries common names often made it into passwords. Meanwhile, the No. 5 top password was Contraseña, the Spanish word for "password." Interestingly enough, while you might think that younger, more internet savvy, generations would use more password inventiveness, the top 5 password choices across generations were eerily similar to baby boomers.

The benefit of simple passwords is that they are generally easier to remember. However, that also makes them pretty easy to hack — even for people without exceptional cybercrime skills. The password 123456, for example, has been among the top choices for six out of the past seven years, making it an obvious password to try for even the most inexperienced online scammer. Worst of all, hacks happen more often than you might think, and Americans end up paying a lot for these scams. According to Forbes Advisor, nearly half of Americans had their passwords stolen in 2024 with 35% admitting that they had a weak password.

Once a scammer gets, say, your bank password, they can quickly siphon funds. Cybercrime losses are significant, with the Federal Bureau of Investigation listing 2024 cybercrime losses at over $16 billion, a year-over-year increase of 33% when compared to 2023. Out of nearly 860,000 total complaints in 2024, people over the age of 60 — in other words, baby boomers — filed the most. They also lost the most, too, at almost $5 billion. 

To best protect yourself, it's important change your passwords often and ensure that each new password us different from ones you have already used. One particularly common AI-powered financial scam is password cracking, so it's important to choose wisely. It goes without saying that you should also avoid easy-to-guess passwords — either because they're commonly used or because they include your name, birthdate, or other personal information. It can also help to make your password 12 characters long, at a minimum, while mixing in lowercase and uppercase letters, numbers, and symbols. 

It can also be important to ensure that each online account you use has a unique password. Plus, experts say there's a bank account setting you should immediately change for added security: multi-factor authentication. This ensured someone must provide two forms of identity confirmation in order to get into your accounts — thereby helping to keep hackers out.