Respondents of the Gen Z, millennial and baby boomer generations had different perceptions of cyber hygiene practices and responsibilities

Based on a commissioned survey* of around 2,000 employed adults about the personal and corporate impact of cybersecurity threats, a hardware authentication device manufacturer has released some findings in terms of age group: particular Gen Z and millennial respondents.

First, the data has indicated clear differences in the online habits of Gen Zs compared to other generations — including how people in this group indicated they were more aware of hacks impacting their daily lives, thereby making them more conscious of their cybersecurity habits.

Second, 47% of Gen Zs (and 46% of millennials) indicated they had had their social media account passwords hacked. The two groups led the survey respondents in hardware security key usage, relying less on passwords than other generations.

Other findings

In the survey, 42% of respondents had questions about whether organizations were doing enough to protect their data. Also:

  • Gen Z respondents were most concerned about AI’s role in cyberattacks, with 73% noting the sophisticated scams that had occurred in the immediate past
  • Gen Z respondents were nearly 20% more likely to use multifactor authentication than respondents who were baby boomers and Gen X
  • Almost 50% of respondents who were baby boomers cited believing that user names and passwords were an effective cybersecurity method, compared to 35% of Gen Z believing the same

According to Derek Hanson, VP (Standards and Alliances), Yubico, the firm that commissioned the survey, people should keep the following best cyber hygiene practices aforethought in 2025:

  1. Review all of online accounts and enable multifactor authentication to make it harder for phishing attacks to succeed. Where appropriate, use more secure solutions such as combinations of biometrics, passkeys and hardware-based identity security methods.
  2. Gen Z respondents were nearly 20% more likely to use multifactor authentication than respondents who were baby boomers and Gen X
  3. When responding to messages, always check the sender address to confirm if it is coming from the respective business or entity the sender claims to be from. When in doubt, directly contact the person or organization to confirm that the claims or statements are accurate.
  4. To cope with password fatigue, use a reputable password manager or similar solutions.

*conducted between July and Aug 2024 across Australia, France, Germany, India, Japan, Poland, Singapore, Sweden, United Kingdom and the USA