Gen Z has a cyber hygiene problem

Person logging into password manager on a laptop computer placed on a desktop surface.

(Image credit: Getty Images)

published 4 September 2025

Despite their reputation as digital natives, Gen Z is pretty poor when it comes to cybersecurity practices.

Analysis from consumer insights platform GWI found that while many in this demographic have grown up online, only three-in-ten have made a habit of regularly changing their passwords compared to 42% of Baby Boomers.

They’re also the generation least likely to keep software and devices up to date, with only 43% bothering. Gen Z was found lacking in other basic cyber hygiene practices, the study noted.

Just 36% reported using any antivirus software, for example, but more than half (58%) at least use two-factor authentication (2FA).

Gen Zers also take more risks. Only 35% avoid using insecure public wifi, in contrast to 48% of Boomers. They’re also less likely to check their accounts for suspicious activity, with only 40% doing so, compared with 54% of Boomers.

When asked how concerned they are about the threats of cyber attacks, only 44% of Gen Zers said they were ‘very’ or ‘extremely’ concerned, compared with 49% of Boomers.

Gen Z is too trusting

In general, they're a pretty trusting lot - especially with technologies like AI.

They're more likely than Boomers to feel extremely or very comfortable with AI agents taking action on their behalf, at 18%, compared with just 4% of Boomers.

By contrast, only 8% of Gen Z say they’re not at all comfortable with AI agents, compared with 12% of Boomers.

Notably, many said they often rely on AI for important decision-making, with 24% using it for health-related information and 22% for financial advice.

At work, 24% said they are comfortable with AI completing tasks for them, more than twice as many Boomers.

Gen Z is keen on training

One positive takeaway from the study is that a significant majority are keen to improve their cybersecurity skills. For example, 91% said that training staff on data security should be a key workplace priority.

The researchers suggested that the reason for the disconnect is Gen Z’s overreliance on smartphones, where features like face ID, auto-login, and password managers are the norm.

“Gen Z has grown up in a world where convenience is the default. With devices auto-filling passwords, logging them in with a glance, and silently syncing their data, there’s little reason, or opportunity, for them to build good security habits," said Matt Smith, data journalist at.

"But that reliance on automation creates a false sense of safety. When something goes wrong, many Gen Zers don’t know how to react—because they’ve never had to think about it.”

The report aligns with similar research into Gen Z security habits from Bitwarden earlier this year. The company found this generation was the worst when it comes to password reuse, with 72% admitting they recycle credentials, compared with just 42% of Boomers.

Worse still, even when they do create a new one, 38% of Gen Z and 31% of Millennials said they only bothered to change a single character or reuse an existing one.

Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.

MORE FROM ITPRO

TOPICS

Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.