Yubico releases 2020 State of Password and Authentication Security Behaviors report

Today, Yubico released its second annual State of Password and Authentication Security Behaviors Report, conducted by Ponemon Institute. The study surveyed 2,507 IT security practitioners in Australia, France, Germany, Sweden, United Kingdom, and United States, as well as 563 individual users.

Last year’s report strictly focused on IT security professionals and their password and authentication behaviors and beliefs, so in this year’s report we were curious to see if any of these habits improved. Additionally, we wanted to see how their security practices or preferences compared to the individual users — employees and customers — that IT professionals are serving.

Ultimately, we discovered that both IT practitioners and individuals are engaging in risky security practices. Password problems continue to prevail, two-factor authentication (2FA) lacks adoption, and mobile use introduces a new set of security challenges and complexities.

What’s also interesting about this year’s report is that we can see the gaps between the solutions and technologies that IT security respondents are implementing, and the preferences from individual users.

These findings underscore the need for easy-to-use and highly secure solutions for IT professionals and individual users to reach a safer future together. The good news is that we are well on our way with the growing adoption of FIDO and WebAuthn open standards. Today, WebAuthn is supported in all major platforms and browsers, bringing the benefits of security keys and the promise of passwordless login to millions around the world — two solutions that both IT and individual respondents rated as desirable.

See our infographic below for a high-level view of some of the most salient findings.

To download the full research report and infographic, please visit yubico.com/authentication-report-2020. To learn more about cybersecurity trends on the path to digital transformation, sign up for the upcoming Yubico webinar on March 18 at 10 a.m. PST.

Ponemon report infographic

Talk to our teamTalk to our team

Share this article:


  • CEO Corner: Entering the second half of 2025 with momentumAs we continue to move further into the second half of 2025, I want to share a look back at our journey so far this year and as well as lay out Yubico’s strategic path ahead.  Resurgence in order growth and key segment wins While net sales declined for Q2, the end of the quarter […]Read moreCEOCEO CornerEarningsMattias Danielsson
  • Survey says: Your dog’s name isn’t a passwordWe all know we should be protecting our digital lives, but what are Americans actually doing? Yubico recently commissioned a survey, conducted by Talker Research, which asked 5,000 Americans in 10 major metro cities across the U.S. about their online security habits. Here’s a closer look at what they found (hint: they’re not as secure as they […]Read moreCompany Newssurvey
  • Passkeys are winning, but security leaders must raise the barPasswords are on their way out. In their place is a new form of login called passkeys that promises stronger security and less frustration. All passkeys offer the rare combination of improved usability and stronger security, especially when compared to passwords alone. But unless we act now, millions could be left more vulnerable than ever. […]Read moreDevice-bound passkeysHardware passkeypasskeyssynced passkeys
  • Your top YubiKey questions, answeredOver the 10+ years I’ve been at Yubico, I’ve had the pleasure of meeting customers, partners and many others talking about digital security. While every conversation is different, I am often asked many of the same questions about YubiKeys. One thing remains consistent: many people know they need better security, but they’re not sure what […]Read moreFAQYubiKey