Survey results are in: 59% of employees still rely on username and password as primary method to authenticate their accounts

Our inaugural State of Global Enterprise Authentication Survey – which we exclusively previewed in September during YubiSummit – captures a snapshot of how companies around the world are tackling authentication. 

We received over 16,000 responses from entry-level employees up to business owners at organizations ranging in size from one to 2,000+ employees, in eight countries: the United Kingdom, the United States, Australia, New Zealand, Singapore, France, Germany, and Sweden. Now, we’re excited to share the full of the global survey results – offering a comprehensive and in-depth look at the practices and attitudes driving authentication at real companies. Download the full report here.

The results show:

  • 59% of employees still rely on passwords as a primary authentication method
  • 62% of US employees have written down or shared a password over the past year
  • 78% of respondents have been exposed to a cyber attack in their personal life in the last year

Employees worldwide are increasingly aware of – and exposed to – harmful cyberattacks, both at home and at work. Yet account security is still put at risk by employees’ poor security hygiene and by enterprises who rely on legacy authentication practices. Phishing-resistant MFA offers an easy, affordable, and effective way for any organization to upgrade their security – but the findings indicate that most companies are not using it to their advantage. The report helps organizations understand how and why they need to improve. 

Every country surveyed has some way to go, though progress is uneven. The US leads the world on cyber education: 62% of employees frequently receive security training, compared to only 24% in New Zealand. However, businesses remain complacent: 26% of US businesses aren’t concerned about cyber attacks; only 9% of UK companies say the same.

Individual reports, translated and featuring additional deep dives into exclusive local survey data, are now available for:

The full global report is also available in Spanish.

Talk to our teamTalk to our team

Share this article:


  • An inside look at Yubico’s transition to passwordlessBefore “passkey” became a familiar term in our industry, Yubico had long delivered hardware-backed and phishing-resistant FIDO2 based authentication. Today, the adoption of passkey usage is accelerating. However, it’s taken quite a bit longer to integrate passwordless authentication into the everyday, enterprise-grade authentication flows that are required for today’s businesses.  As long as it’s been […]Read moreOktapasswordless
  • Mission matters – my reflections on winning the EY World Entrepreneur of the Year “This is the biggest mission any of the entrepreneurs have presented in this competition.”  I heard these words a few weeks ago from one of the judges for the EY World Entrepreneur of the Year award program – whom I had the honor to meet during the final step of the world’s largest entrepreneur competition.  […]Read moreawardsFounderStina Ehrensvard
  • Yubico recognized by TrustRadius 2025 Award for top customer reviewsAs AI-driven cyber threats like credential phishing evolve and grow in complexity, phishing-resistant YubiKeys are an important component toward cyber resilience — and our mission to make the internet more secure has never been more critical. To support this, customer feedback is something we take very seriously and is an invaluable tool to ensure we’re […]Read moreawardsTrustRadius
  • CEO Corner: Maintaining stable growth while navigating global uncertaintyAs we officially close out the first quarter of 2025,  I am pleased we saw a quarter with solid growth and profitability along with ongoing demand for phishing-resistant authentication. We continue to see new types of high-profile cyber attacks appearing regularly, and a major reason for the success of phishing attacks is stolen credentials. As […]Read moreCEOCEO CornerEarningsMattias Danielsson