- 47 percent of Gen Z and 46 percent of Millennials claim to have had passwords hacked in Yubico’s latest annual report
- But they’re also the demographics supposedly most aware of and keen to adopt hardware security keys
- 73 percent of Gen Z are also worried about the rise of AI in cyberattacks
Gen Z and Millennials are just as at risk to password breaches as anyone else, a new report from Yubico has claimed.
Its survey found 47% of Gen Z and 46% of Millennials reporting their social media accounts passwords had been breached at some point, findings which appear to run at odds with 63% of respondents across the 20,000-strong sample size claiming they felt secure about cybersecurity measures in place to protect their personal information.
And yet, the report also reveals 70% of respondents reported being the victim of a cyberattack in the past twelve months, indicative of overconfidence and a lack of cybersecurity education. 40% of respondents claimed they haven’t received any cybersecurity training at work.
Gen Z and Millennial cybersecurity attitudes in the workplace
Things get worse when considering nearly half (49%) of respondents reported being more concerned about their personal data than that of their company or workplace, demonstrating business and enterprise owners can’t view computer and cybersecurity literacy as an innate skill in the youngest generations when considering the resilience of their own digital infrastructure.
It also seems silly to imply that younger generations are more likely to take to and understand the implications of new technologies more easily, when 58% of survey respondents reported their concern about AI’s continued “sophisticated” role in cyberattacks.
Yubico’s view on authentication methods
The primary purpose of the report appears to be to advocate for alternative authentication methods in the workplace, with just 21% of workers reporting that they use a mobile authenticator app. Yubico’s report does note workers may have valid reasons for not using this method, such as not wanting to use a personal smartphone for work or simply not having one
To this end, Yubico advocates for passwordless MFA solutions such as software-based passkeys (seeing widespread support in the tech industry), plus physical security keys.
“In addition to being highly secure, passkeys greatly simplify the user experience," noted Derek Hanson, Yubico’s VP of Standards and Alliances.
“By removing the need for users to remember complex passwords, it reduces the friction associated with logging in and eliminates the frustration of forgotten passwords. This can lead to increased user satisfaction and productivity, especially in enterprise environments where employees often juggle multiple accounts and passwords.”
“When we look at today’s options for passkeys, those that are device-bound on security keys provide the highest level of phishing-resistance and meet the strictest security standards.”
The report concludes by suggesting, “embracing emerging [technology] like hardware security keys and passkeys will undoubtedly play a pivotal role in safeguarding our digital identities and securing the systems and services we rely on every day”, a utopian notion that’s nicely bookended by the reveal that 39% of respondents believe that a standard username and password combination is the most secure authentication available.
You might also like
