New Yubico Survey: Boomers Have Better Cybersecurity Habits Than Millennials and Gen Z

Ryan Schin

Ryan Schin

5 minute read

Millennials are twice as likely to reuse their passwords on various shopping sites, leaving them vulnerable to account breaches during a busy holiday shopping season

SANTA CLARA, CA and STOCKHOLM, SWEDEN- October 19, 2023 – Yubico, the leading provider of hardware authentication security keys, today announced the results of the company’s 2023 survey, ‘In a growing era of sophisticated phishing attacks, have people adjusted their cybersecurity hygiene?’ conducted by OnePoll. OnePoll, a leading provider of international market research and data communication solutions, surveyed 2,000 consumers* in the United States and the United Kingdom. 

The purpose of this study is to understand attitudes and perceptions from consumers on cybersecurity across the US and UK, with a particular focus on how different age demographics fare in protecting themselves online. Additionally, the survey aimed to learn if consumers are concerned about protecting their online accounts, and if so, how they are protecting them. 

“While it is technically easy for retailers to implement basic username and password authentication for their customers, these types of credentials alone are easy for attackers to circumvent, allowing unauthorized access to online accounts,” said Ben Eichorst, director of infrastructure security at Yubico. “During busy online shopping months, consumers may be tempted to adopt risky habits such as reusing passwords across services, or clicking on order information links that appear legitimate. These kinds of behaviors put consumers at a higher risk for their accounts to be compromised.” 

Key findings from the research indicate that:

  • While 80% of survey respondents are concerned about cybersecurity when it comes to their online accounts, 39% admitted to using the same passwords for multiple accounts.
    • Boomers are the least likely to reuse passwords (20%), while Millennials are more than twice as likely to reuse passwords (47%) across their accounts. 
  • A significant part of online shopping revolves around trusting an online retailer is who they say they are, and effectively safeguarding your personal and financial information. Despite a mistrust of online retailers, consumers are still storing their personal and financial information on these websites.
    • About one third of respondents (32%) are not confident that they could spot a fraudulent or fake online retailer. 
    • About one in three do not “completely” or “mostly” trust the websites they use to effectively protect their personal/credit card information.**
    • 33% of respondents save their credit card information in their online accounts.
  • The study shows the Boomers have a greater mistrust of websites than Millennials, potentially leading them to have better online privacy practices.
    • 37% of Millennials save their credit card information in their online accounts, while only 19% of Boomers do. 
    • On average, Boomers (42%) are almost twice as likely to feel unconfident in their ability to spot a fraudulent online retailer than Gen Z (23%) and Millennials (29%). 
  • Despite being concerned about cybersecurity, approximately one out of two (49%) respondents stated that they do not use MFA, don’t know what it is or are not sure if they have MFA turned on.
    • As with most other categories, Boomers reported having better cybersecurity hygiene than Millennials, with only 47% of them reporting that they do not use MFA, don’t know what it is or are not sure if they have MFA turned on, compared to 52% of Millennials. 

“96% of respondents in our study plan to shop online between October and December, which makes now an ideal time to review online security habits,” Eichorst continued. “While there is much that can be done to improve security, the first step for consumers is to review existing sign-in methods, creating unique credentials stored in a trusted password manager, and, if possible, upgrading login methods to use strong, phishing-resistant, multi-factor authentication solutions, such as the YubiKey.”

For the full results of the survey, you can download an overview of the report here and the associated infographic here. For more information on Yubico, visit www.yubico.com. For additional tips on how to stay safe online this holiday season, see our latest blog here.

About Yubico

Yubico (Nasdaq First North Growth Market Stockholm: YUBICO), the inventor of the YubiKey, offers the gold standard for phishing-resistant multi-factor authentication (MFA), stopping account takeovers in their tracks and making secure login easy and available for everyone. Since the company was founded in 2007, it has been a leader in setting global standards for secure access to computers, mobile devices, servers, browsers, and internet accounts. Yubico is a creator and core contributor to the FIDO2, WebAuthn, and FIDO Universal 2nd Factor (U2F) open authentication standards, and is a pioneer in delivering modern, hardware-based passkey authentication security at scale to customers in over 160 countries.

Yubico’s solutions enable passwordless logins using the most secure form of passkey technology. YubiKeys work out-of-the-box across hundreds of consumer and enterprise applications and services, delivering strong security with a fast and easy experience.

As part of its mission to make the internet more secure for everyone, Yubico donates YubiKeys to organizations helping at-risk individuals through the philanthropic initiative, Secure it Forward. The company is headquartered in Stockholm and Santa Clara, CA. For more information on Yubico, visit us at www.yubico.com.

Contact:

Yubico Communications Team

press@yubico.com

*Data from two double-opt-in surveys conducted by OnePoll on behalf of Yubico. The first survey polled 1,000 U.S. adults on Aug. 30, 2023, and the second polled 1,000 U.K. adults between Aug. 31 and Sept. 1, 2023. The generation breakdown by ages are as follows: Gen Z: 18-26, Millennials: 27-42, Gen X: 43-58, Boomer: 59-77. For each, the margin of error is +/- 3.1 points with 95% confidence. The surveys were conducted by market research company OnePoll, which is a member of the Market Research Society (MRS) and has corporate membership with the American Association for Public Opinion Research (AAPOR).

**Gen Z is not reported here because the results were not statistically significant.

Share this article:
  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey
  • Making digital security a right: Inside Yubico’s Secure it Forward programTechnology can be a great equalizer — but only if the strongest protection is within reach. Since 2022, Yubico has donated more than 65,000 YubiKeys to hundreds of organizations worldwide — a retail value of over $3.3 million. Each key helps strengthen digital protection for those doing vital work in their communities. This isn’t just […]Read more
  • Unlocking trust in enterprise security: Yubico and Okta empowering businesses togetherCollaboration with ecosystem partners is critical for providing our customers with the best cybersecurity solutions. Together, Yubico and Okta have achieved remarkable milestones over the years, including launching innovative solutions and aligning our go-to-market efforts – all aimed at delivering the most impactful cybersecurity solutions and user experience for our customers and partners. At the heart […]Read moreOktaOktane