No generations were left untouched when it came to the threat of hackers in 2024: from the impact of political shakeups, to increasingly sophisticated cyber attacks targeting consumers, critical industries and infrastructures, the world was on high alert. Fueled by a dramatic increase in phishing attacks circumventing certain forms of legacy multi-factor authentication (MFA), as well as a rise in AI-driven cyber threats, bad actors were on the attack in record numbers.
As we kick off 2025 with a continuously evolving threat landscape, it’s more important than ever to rethink security practices and how to create a holistic, proactive approach to cybersecurity hygiene across personal life and the workplace. Having an accurate view of the impact of cybersecurity – both positive as well as what can be improved upon – is an invaluable asset to improving security postures. Yubico was able to do just that last year: our 2024 State of Global Authentication survey captured a snapshot of the current state of cybersecurity – including how individuals and businesses around the world are tackling authentication and the increasing risks of technologies like AI on cybersecurity efforts globally.
To get a better understanding of the results, we dove deeper into the differences (and similarities) of generations and the ages of respondents. With the survey highlighting overarching trends globally, the extended breakdown is a unique look at how generations differ in terms of their cybersecurity habits. For example, the results show clear differences in the habits of Gen Z compared to other generations – including how Gen Z is more aware of hacks impacting their daily lives, which is making them more conscious of their cybersecurity habits. Key global findings between generations include:
- Nearly half of Gen Z (47%) and Millennials (46%) have had their social media account passwords hacked
- Gen Z and Millennials lead in hardware security key usage, relying less on passwords than other generations
- Generations agree: 42% question whether organizations are doing enough to protect their data
- Gen Z most concerned about AI’s role in cyberattacks, with 73% noting sophisticated scams
- Gen Z is almost 20% more likely to use MFA than Baby Boomers and Gen X
- Almost 50% of Baby Boomers believe usernames and passwords is an effective cybersecurity method – compared to 35% for Gen Z
Ronnie Manning, Yubico’s chief brand advocate, found the survey particularly interesting in relation to changing habits around cybersecurity regardless of age: “Beliefs around cybersecurity by all generations are changing globally, and this is reflected by key trends like reliance on traditional usernames and passwords as the primary form of authentication going down and the use of of modern MFA tools like hardware security keys trending up.
Our results clearly show Gen Z is the most concerned with their cybersecurity, but we’re still seeing security become increasingly important for all demographics as cyber attacks like phishing continue being headline news. This includes using MFA beyond their work lives and into their personal lives as well, and becoming more educated around the use of modern MFA like passkeys in general.”
With these generational breakdowns providing further insights to individual trends and approaches to cybersecurity globally, it’s important to understand the risks and how to stay secure from increasingly sophisticated cyber attacks like phishing. Not only does this mean becoming more educated on cybersecurity tools available, but reaching out to an employer or favorite businesses to ask them to add support for more secure authentication solutions like passkeys. Derek Hanson, VP of standards and alliances at Yubico, detailed some some tips for individuals to keep in mind in 2025:
- Check all of your frequently used online accounts and wherever possible, enable those accounts to use MFA to make it harder for phishing attacks to succeed. A hardware security key like a YubiKey, the gold standard for phishing-resistant MFA, works across hundreds of applications and services, providing strong security across multiple accounts.
- Be vigilant: Always check the email sender address to confirm if it is coming from the respective business or entity they are claiming to be from. If you receive a suspicious email or text message and are still unsure if it is legitimate, directly contact the organization to confirm that the claims or statements are accurate.
- Ensure you’re using a password manager
For more information on the survey findings breaking down demographics, check out our infographic below and here. You can also visit a breakdown of the full survey results here, in a Q&A here with Yubico’s Derek Hanson, as well as in our webinar.
