Are all passwords created equal? Not quite. This simple question formed the basis of our study, and our deep dive into password data revealed surprising trends. Each generation, from Baby Boomers to Gen Z, has its unique fingerprint on password creation.
Our research approach was comprehensive. Using a blend of data from WP Engine, and insightful surveys from Beyond Identity and LastPass, we've managed to sketch a detailed landscape of how password habits are influenced by age.
This quick read is packed with insights that could transform the way we approach online security. Discover facts that might change how you think about passwords forever.
Generation By Year and Age
We’ve provided an overview of different generations categorized by their birth years and current ages. This breakdown helps to understand the different generations and their respective age ranges, providing valuable context for analyzing password security trends.
Predictability Of Human Passwords
Human passwords exhibit patterns and predictability. By examining the data through a generational lens, we identified common patterns and divergences, allowing for a nuanced understanding of how age impacts password security practices.
Likelihood of Reusing Passwords (Five Different Sites and Apps)
• This generation has the highest percentage (26%) of individuals who do not reuse passwords at all, suggesting a greater focus on password security.
• At the same time, they also have the highest percentage (31%) of individuals who reuse passwords "Very" frequently. This contrast indicates a significant divide within this generation concerning password security.
• 32.8% of Boomers use more than ten distinct passwords for all online accounts (Last Pass)
• The data shows a more even distribution across all categories of password reuse for Gen X.
• There's a slight tilt toward more frequent password reuse, with 26% doing so "Very" frequently and 11% "Extremely" frequently.
• They exhibit an increasing trend towards more frequent password reuse, with only 9% not reusing passwords at all and 14% reusing "Extremely" often.
• Notably, this generation has the highest percentage (37%) of individuals who reuse passwords "Very" frequently.
• This generation is most likely to reuse passwords, with only 7% not reusing passwords at all.
• Furthermore, they have the highest percentage (24%) of individuals who reuse passwords "Extremely" frequently, indicating potentially the slightest concern for password security among the generations studied.
Security of Professional Passwords
• No Baby Boomers consider their professional passwords "Much Less Secure" than their personal ones, suggesting a good understanding of the importance of work-related password security.
• The majority (63%) perceive their professional passwords as "About the Same" in terms of security as their personal passwords.
• A combined 36% of Baby Boomers consider their professional passwords to be "Slightly More Secure" or "Much More Secure" than their personal ones.
• A small percentage (1%) consider their professional passwords "Much Less Secure" than their personal ones.
• Most (58%) believe their professional passwords as "About the Same" in terms of security as their personal passwords.
• A total of 36% consider their professional passwords more secure, either "Slightly More Secure" (25%) or "Much More Secure" (11%).
• A small percentage (2%) view their professional passwords "Much Less Secure" than their personal passwords.
• Less than half (46%) perceive their professional passwords as "About the Same" as their personal passwords in terms of security.
• Interestingly, Millennials have the highest percentage (31%) who perceive their professional passwords as "Slightly More Secure" and 45% consider their professional passwords more secure.
• No Gen Z individuals consider their professional passwords "Much Less Secure".
• However, they have the highest percentage (18%) that consider their professional passwords as "Slightly Less Secure".
• Only 36% view their professional and personal passwords as "About the Same" in terms of security.
• Interestingly, Gen Z has the highest percentage (32%) who perceive their professional passwords as "Much More Secure" than personal ones, with 56% viewing their professional passwords as more secure.
Password Mnemonic Between Generations
We also explored the impact of generational differences on the predictability of passwords. By comparing password choices made by different age groups, we identified trends that shed light on the varying levels of password security awareness and knowledge among generations.
Side note: To illustrate each generation's password habits, we used ChatGPT to generate examples. These demonstrate typical password creation strategies for each age group.
• Personal Information: This generation might lean toward using easily remembered personal information like birthdays, anniversaries, children's names, or pets' names.
‣ John1948: A combination of a common name (John) and the birth year (1948)
‣ MaryJohn1965: A combination of two common names (Mary and John) along with the birth year (1965)
• Significant Dates and Events: They may use dates or events with personal or historical significance.
‣ Anniversary04101973: A password based on a significant date, such as an anniversary (04/10/1973)
• Mixed Personal Information: Members of Gen X might mix personal information with memorable cultural references, such as combining the name of a favorite movie with a significant number.
‣ NirvanaFan!: A password reflecting a favorite band (Nirvana) with an exclamation mark for added complexity.
‣ MovieLover#007: A password indicating a love for movies with the addition of a special character (#) and a reference to the James Bond character (007).
‣ BaseballChamps1995: A password combining a favorite sport (baseball) and the year their favorite team won the championship (1995).
• Phrases: They might use memorable phrases, such as lines from favorite songs or movies, converting them into passwords with abbreviations and number substitutions.
‣ M4tF0rc3_bwy: "May the Force be with you" could become "MtFbwy" (using the first letter of each word).
• Unique Combinations: Millennials may combine unrelated words and numbers to create unique passwords.
• Leetspeak: This generation may use 'leetspeak', a method of replacing letters with numbers or special characters that look similar
‣ ‘password' becomes 'p455w0rd'
• Passphrases: Instead of single-word passwords, this generation might use memorable phrases or sentences, increasing the password's length and, thus, its security.
• Random Generation: Gen Z, the most tech-savvy, might use digital tools and password generators to create complex, random passwords.
• Nonsensical Strings: They may string together seemingly unrelated words, characters, and numbers to form passwords.
• Emoji Passwords: As a generation comfortable with emojis, some platforms allow these to be integrated into passwords, and Gen Z might be more likely to utilize this.
In the study, most, if not all, tend to be influenced by personal preferences. Many often use easily guessable passwords, such as common words, sequential patterns, or simple variations of their personal information.
Method of Generating Passwords
• Baby Boomers: This group showed a high tendency to create passwords themselves, with 51% opting for Randomly Self-Generated passwords and 37% using a Personal System. They also showed a significant usage of Built-in Password Generators (49%), but are less likely to use Password Manager Apps (33%).
• Gen X: This generation showed a more balanced usage across methods—a notable 39% use a Personal System, followed by Randomly Self-Generated passwords (30%). The use of Password Manager Apps is similar to that of Baby Boomers (32%), but Gen X appears less likely to use Built-in Password Generators (22%).
• Millennials: This generation seemed less likely to use Randomly Self-Generated passwords (11%) and Personal Systems (16%). They showed a higher preference for Password Manager Apps (22%) compared to Gen Z but are less likely to use them than Baby Boomers and Gen X. The use of Built-in Password Generators is the least among all generations at 16%.
• Gen Z: The newest generation to the workforce shows the slightest preference for all the methods among the groups. Only 8% use Randomly Self-Generated passwords or a Personal System. They also have the lowest usage of Password Manager Apps (13%) and Built-in Password Generators (13%).
• A significant 67% of Millennials and 60% of Gen Zers are observed to use very complex passwords.
• Baby Boomers aged 65 and above surfaced as the demographic most likely to report using simple passwords.
• Compared to Millennials or Boomers, Gen X exhibits a higher frequency of unique password usage.
• An overwhelming 80% of Baby Boomers assert they invest considerable thought into their password creation process. (Last Pass)
• Millennials stand out as the generation most likely to include family member names in their passwords, with 22.7% doing so.
• The trend of incorporating romantic partners' names in passwords is evident in 17.5% of Millennials.
Prevalence of 'Love' in Passwords Across Generations and Genders
• In a review of 10 million passwords, the term "Love" appeared 40,000 times. (WP Engine)
• The word "Love" was also significantly present in a study analyzing 5 million Gmail credentials. (WP Engine)
• When compared by gender, 1.4% of women’s passwords contained the word "Love", twice the percentage of men’s passwords, which stood at 0.7%.
• Baby Boomers: This generation has the lowest occurrence of "Love" in passwords, with only 3.2% of Boomers using it.
• Gen X: A slightly higher percentage of Gen X individuals use "Love" in their passwords, at 3.6%.
• Millennials: There is a significant increase in the usage of "Love" among Millennials, with 5.7% incorporating it into their passwords.
• Gen Z: This generation also has a high percentage of "Love" usage in passwords, at 5.4%, slightly lower than Millennials but still notably higher than Baby Boomers and Gen X.
Password management and tracking are critical to online security in the digital age. Let’s take a closer look at how different generations track and manage their passwords, shedding light on their distinct security practices.
• Baby Boomers: This generation predominantly relies on memory (42%) and pen-and-paper methods (43%) for password storage. They utilize password manager tools less frequently, with only 28% using such services. Interestingly, Baby Boomers show the least usage of notes on their phones for password storage, at a mere 7%.
• Gen X: Gen X individuals are the most likely to rely on their memory for passwords, at 53%. They also frequently use password manager tools and computer documents for password storage, at 36% and 30%, respectively.
• Millennials: Millennials lead the way in using password manager tools, with 44% using such services. They are also likely to store their passwords in a computer document (31%). However, like the other generations, they still rely heavily on memory, with 52% remembering their passwords.
• Gen Z: The youngest generation, Gen Z, is most likely to use notes on their phones for password storage, at 42%. They also rely heavily on memory (51%). However, they are the least likely to store passwords in a computer document, with only 13% doing so.
Frequency of Password Update
• Baby Boomers: Most Baby Boomers (79%) report changing their passwords at least once a year, firmly adhering to regular password updates. Only a minority (21%) change their passwords less frequently.
• Gen X: Similar to Baby Boomers, Gen X demonstrates a diligent approach to password security, with 82% indicating they change their passwords at least once a year. The remaining 18% change their passwords less frequently.
• Millennials: This generation also prioritizes regular password changes, with 80% stating they update their passwords at least once a year. Like Gen X, the remaining 20% change their passwords less often.
• Gen Z: While most Gen Z individuals (69%) still change their passwords at least once a year, they exhibit a slightly lower frequency than the other generations. Notably, 31% of Gen Z respondents change their passwords less frequently, indicating room for improvement in their password security practices.
On Protecting Digital Assets
• Baby Boomers are the least likely to reuse passwords, showcasing their commitment to unique password usage.
• They perceive their professional and personal passwords to have a similar level of security.
• However, there is room for improvement in their password complexity, as older Boomers (aged 65 and above) tend to use less complex passwords.
• Gen X demonstrates strong cybersecurity practices:
‣ Only 15% of Gen Xers use corporate email accounts for social media logins, compared to 77% of Gen Z’ers and 55% of Millennials (SailPoint study).
‣ A mere 4% of Gen Xers would open a suspicious email, while 46% of Gen Z’ers and 29% of Millennials would do so (SailPoint study).
‣ Gen X leads the way in password security, with the highest likelihood of changing passwords at least once a year (Beyond Identity research).
‣ Gen X trails only Boomers in prioritizing the security of professional passwords, ensuring they are at least as secure as personal passwords (Beyond Identity research).
• Millennials prioritize speed, flexibility, and ease of use over robust security measures.
‣ They are twice as likely to prioritize simplicity over security when handling sensitive data (Appgate report).
‣ Approximately 60% of Millennials admit they would choose the easiest option when handling confidential documents (Appgate report).
‣ A significant percentage of Millennials tend to avoid security policies (Appgate report).
• Being comfortable with digital communication, Gen Z may exhibit overconfidence in the technology they know well.
• They may need to gain awareness of their role in ensuring organizational security.
• Gen Z could benefit from cybersecurity awareness training to enhance their understanding of digital asset protection.
Cybercrime Among Generations
Examining the prevalence and impact of cybercrime across different generations is crucial for understanding the evolving landscape of digital threats. Identifying common cybercrime patterns that target specific age groups and exploring the factors contributing to their susceptibility is essential for developing effective prevention and mitigation strategies.
• 44% of millennials reported experiencing a cyber threat, a higher percentage than baby boomers.
• 25% of millennials stated their identities were stolen at least once, indicating a higher vulnerability to identity theft than baby boomers.
• Gen Z had the highest percentage of experiencing a cyber threat at 51%, surpassing millennials and baby boomers.
• 24% of Gen Z individuals reported their identities being stolen, again higher than baby boomers.
• Baby boomers had the lowest percentage of experiencing a cyber threat at 21%.
• Only 14% of baby boomers reported having their identities stolen, the lowest among the three generations.
These findings highlight the varying experiences of different generations regarding cyber threats and identity theft, with millennials and Gen Z generally exhibiting higher rates than baby boomers.
Click on image to expand.
Empowering Stronger Password Habits: Uniting Generations in Digital Security
As our generational comparison of password security habits draws to a close, it's clear that each age group exhibits unique strengths and areas for improvement. To bridge the security gap and foster more robust password practices across all generations, it's essential to adopt tailored strategies that address each group's specific needs and preferences. Here are some key recommendations to empower stronger password habits:
• Educate and Raise Awareness: Provide comprehensive cybersecurity awareness training programs catering to each generation's distinct characteristics and digital experiences. Highlight the importance of password uniqueness, complexity, and regular updates.
• Embrace User-Friendly Tools: Introduce user-friendly password management tools that simplify creating and storing secure passwords. Ensure these tools are accessible and adaptable to different technological comfort levels.
• Promote Best Practices: Encourage adopting best practices such as using two-factor authentication, password encryption, and regularly reviewing and updating security settings. Provide clear instructions and step-by-step guidance for implementing these measures.
• Tailor Communication and Support: Customize communication channels and support mechanisms to cater to the preferences of each generation. Utilize user-friendly language, visual aids, and interactive platforms to engage and educate effectively.
By implementing these recommendations, we can bridge the security gap, enhance password security awareness, and empower individuals, from Baby Boomers to Gen Z, to safeguard their digital assets effectively. Together, we can create a safer digital environment for all generations to thrive in.