Ask Runable forDesign-Driven General AI AgentTry Runable For Free
Runable
Back to Blog
Technology7 min read

Baby Boomers beat Gen Z in password hygiene, but both generations still don’t stick to the best practices — and many people are still using decades-old passwords that they made as kids | TechRadar

The number of passwords is in decline, but password security is still shaky Discover insights about baby boomers beat gen z in password hygiene, but both genera

TechnologyInnovationBest PracticesGuideTutorial
Baby Boomers beat Gen Z in password hygiene, but both generations still don’t stick to the best practices — and many people are still using decades-old passwords that they made as kids | TechRadar
Listen to Article
0:00
0:00
0:00

Baby Boomers beat Gen Z in password hygiene, but both generations still don’t stick to the best practices — and many people are still using decades-old passwords that they made as kids | Tech Radar

Overview

News, deals, reviews, guides and more on the newest computing gadgets

Start exploring exclusive deals, expert advice and more

Details

Unlock and manage exclusive Techradar member rewards.

Unlock instant access to exclusive member features.

Get full access to premium articles, exclusive features and a growing list of member rewards.

Baby Boomers beat Gen Z in password hygiene, but both generations still don’t stick to the best practices — and many people are still using decades-old passwords that they made as kids

The number of passwords is in decline, but password security is still shaky

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.

Nord Pass study claims older generations are more likely to change passwords than younger generations

But younger users are more in tune with password storage services, preferring to use password managers over memory and writing them down

All generations are failing to adhere to the best practices when it comes to password hygiene

Many people may believe Gen Z are the best when it comes to adopting new tech, but a new study by Nord Pass polling 7,861 respondents between the ages of 18-74 suggests that they might be the worst generation for password hygiene.

It’s not uncommon for people to pick a particular word or phrase as a password and alternate special characters, numbers, and capital letters to keep it ‘unique’, but this practice is weakened when the same central password is used for years—or even decades.

In fact, Gen Z has been found to be the generation least likely to change a password, while Baby Boomers are the most security-conscious, actively updating their passwords much more frequently.

When breaking down the stats, Nord Pass found just 54% of respondents had changed their longest-standing password in the last 12 months. Those aged 18-24 were the least likely to say they had updated their password within the last year, while those in older brackets, particularly between 55-to-64, were the most likely to update their passwords.

But there is a further trend to be examined. While those in the older age brackets are more likely to update their passwords, they rely on memory or physically writing down their passwords for storage. And those in the younger, more tech-savvy age brackets were more likely to rely on browser-based password storage or third-party password managers.

'Password reuse only sharpens this problem': Browser-based password storage isn't as safe as you think – these top tips from the experts show how it should be done

Writing down passwords or relying on memory often leads to the reuse of passwords to keep them memorable and easy to type, increasing the risk that personal accounts could be breached in the event of a cyberattack. While the average number of password has dropped from 168 in 2024 to 120 in 2026, this still leaves the average person with a significant number of possibly reused passwords that could leak, potentially compromising every account they are used on.

Opting for the convenience of a browser-based password manager also introduces additional risk, as these password vaults often aren’t subjected to the same security protocols as third-party password manager apps.

In fact, another recent Nord Pass study highlighted that browser-based passwords are at a significantly higher chance of being leaked or stolen thanks to malware, browser compromise, or physical access to the computer.

This is especially true for those using a browser-based password manager alongside a third-party app, because if the browser is compromised there is little you can do to protect your stored passwords.

“I’m fairly certain most internet users know they should immediately change a password that has been compromised,” said Karolis Arbaciauskas, head of product at cybersecurity company Nord Pass.

“So when people say they haven’t changed a password in years, either the password hasn’t been exposed, or they simply don’t know it has. I hate to be a bearer of bad news, but the second scenario is far more likely. Without tools to notify them when credentials appear in leaks or breaches, many users have passwords aging in the background while the risk grows.”

How to keep your passwords as secure as possible

There are many ways to create a secure password. These are my expert recommendations for maximizing your password security:

Your password should be at least 15 characters long

Rather than relying on a memorable phrase or key date, use a string of random words such as the NIST example of ‘cassette-lava-baby’

Add in some random capitalization, numbers, and special characters, but avoid replacing certain letters with predictable special characters (such as ‘@’ for ‘a’, ‘$’ for ‘s’, and so on)

If you are forced to regularly change a password as many people are forced to do in the workplace, always use a new, unique password, rather than relying on ‘Summer 12345’ followed by ‘Autumn 12345’

Use a password manager to store your passwords securely. They also add the benefit of being able to autofill your credentials for you

Use a credential exposure checking service such as Have I Been Pwned to securely check if your email address or passwords have shown up in any dark web databases

Delete any online accounts you no longer use. If the service suffers a data breach, it could leak your username and password combination

Follow Tech Radar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.

Benedict is a Senior Security Writer at Tech Radar Pro, where he has specialized in covering the intersection of geopolitics, cyber-warfare, and business security.

Benedict provides detailed analysis on state-sponsored threat actors, APT groups, and the protection of critical national infrastructure, with his reporting bridging the gap between technical threat intelligence and B2B security strategy.

Benedict holds an MA (Distinction) in Security, Intelligence, and Diplomacy from the University of Buckingham Centre for Security and Intelligence Studies (BUCSIS), with his specialization providing him with a robust academic framework for deconstructing complex international conflicts and intelligence operations, and the ability to translate intricate security data into actionable insights.

You must confirm your public display name before commenting

1 Dutton Ranch season 2 won't be released on Paramount+ any time soon — but this 'wild' fan prediction is so good that Taylor Sheridan should take some notes

2 Your voice can be cloned in minutes using AI, and Taylor Swift is trying to protect hers — but what rights do the rest of us have?

3'You could've given me 10 guesses, I wouldn't have gone for this': my favorite cheap Nothing earbuds finally have a successor, but the USP isn't my idea of 'joyful'

4 Proton VPN adds 89 new servers in Brazil after Caze TV World Cup streams flood its network

5 Keep your files protected on the go: My favorite Samsung SSDs are on sale at Amazon right now

Tech Radar is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.

© Future US, Inc. Full 7th Floor, 130 West 42nd Street, New York, NY 10036.

Key Takeaways

  • News, deals, reviews, guides and more on the newest computing gadgets
  • Start exploring exclusive deals, expert advice and more
  • Unlock and manage exclusive Techradar member rewards
  • Unlock instant access to exclusive member features
  • Get full access to premium articles, exclusive features and a growing list of member rewards

Cut Costs with Runable

Cost savings are based on average monthly price per user for each app.

Which apps do you use?

Apps to replace

ChatGPTChatGPT
$20 / month
LovableLovable
$25 / month
Gamma AIGamma AI
$25 / month
HiggsFieldHiggsField
$49 / month
Leonardo AILeonardo AI
$12 / month
TOTAL$131 / month

Runable price = $9 / month

Saves $122 / month

Runable can save upto $1464 per year compared to the non-enterprise price of your apps.