Gen Z has a cyber hygiene problem
A new survey shows Gen Z is far less concerned about cybersecurity than older generations
Despite their reputation as digital natives, Gen Z is pretty poor when it comes to cybersecurity practices.
Analysis from consumer insights platform GWI found that while many in this demographic have grown up online, only three-in-ten have made a habit of regularly changing their passwords compared to 42% of Baby Boomers.
They’re also the generation least likely to keep software and devices up to date, with only 43% bothering. Gen Z was found lacking in other basic cyber hygiene practices, the study noted.
Just 36% reported using any antivirus software, for example, but more than half (58%) at least use two-factor authentication (2FA).
Gen Zers also take more risks. Only 35% avoid using insecure public wifi, in contrast to 48% of Boomers. They’re also less likely to check their accounts for suspicious activity, with only 40% doing so, compared with 54% of Boomers.
When asked how concerned they are about the threats of cyber attacks, only 44% of Gen Zers said they were ‘very’ or ‘extremely’ concerned, compared with 49% of Boomers.
Gen Z is too trusting
In general, they're a pretty trusting lot - especially with technologies like AI.
They're more likely than Boomers to feel extremely or very comfortable with AI agents taking action on their behalf, at 18%, compared with just 4% of Boomers.
By contrast, only 8% of Gen Z say they’re not at all comfortable with AI agents, compared with 12% of Boomers.
Notably, many said they often rely on AI for important decision-making, with 24% using it for health-related information and 22% for financial advice.
At work, 24% said they are comfortable with AI completing tasks for them, more than twice as many Boomers.
Gen Z is keen on training
One positive takeaway from the study is that a significant majority are keen to improve their cybersecurity skills. For example, 91% said that training staff on data security should be a key workplace priority.
The researchers suggested that the reason for the disconnect is Gen Z’s overreliance on smartphones, where features like face ID, auto-login, and password managers are the norm.
“Gen Z has grown up in a world where convenience is the default. With devices auto-filling passwords, logging them in with a glance, and silently syncing their data, there’s little reason, or opportunity, for them to build good security habits," said Matt Smith, data journalist at.
"But that reliance on automation creates a false sense of safety. When something goes wrong, many Gen Zers don’t know how to react—because they’ve never had to think about it.”
The report aligns with similar research into Gen Z security habits from Bitwarden earlier this year. The company found this generation was the worst when it comes to password reuse, with 72% admitting they recycle credentials, compared with just 42% of Boomers.
Worse still, even when they do create a new one, 38% of Gen Z and 31% of Millennials said they only bothered to change a single character or reuse an existing one.
Make sure to follow ITPro on Google News to keep tabs on all our latest news, analysis, and reviews.
MORE FROM ITPRO
- Has password hygiene ever improved?
- Most passwords take a matter of minutes to crack
- How to create a secure password policy
-
Salesforce targets telco gains with new agentic AI toolsNews Telecoms operators can draw on an array of pre-built agents to automate and streamline tasks
-
Four national compute resources launched for cutting-edge science and researchNews The new national compute centers will receive a total of £76 million in funding
-
Using AI to generate passwords is a terrible idea, experts warnNews Researchers have warned the use of AI-generated passwords puts users and businesses at risk
-
Researchers called on LastPass, Dashlane, and Bitwarden to up defenses after severe flaws put 60 million users at risk – here’s how each company respondedNews Analysts at ETH Zurich called for cryptographic standard improvements after a host of password managers were found lacking
-
‘They are able to move fast now’: AI is expanding attack surfaces – and hackers are looking to reap the same rewards as enterprises with the technologyNews Potent new malware strains, faster attack times, and the rise of shadow AI are causing havoc
-
Ransomware gangs are using employee monitoring software as a springboard for cyber attacksNews Two attempted attacks aimed to exploit Net Monitor for Employees Professional and SimpleHelp
-
Notepad++ hackers remained undetected and pushed malicious updates for six months – here’s who’s responsible, how they did it, and how to check if you’ve been affectedNews Hackers remained undetected for months and distributed malicious updates to Notepad++ users after breaching the text editor software – here's how to check if you've been affected.
-
CISA’s interim chief uploaded sensitive documents to a public version of ChatGPT – security experts explain why you should never do thatNews The incident at CISA raises yet more concerns about the rise of ‘shadow AI’ and data protection risks
-
Former Google engineer convicted of economic espionage after stealing thousands of secret AI, supercomputing documentsNews Linwei Ding told Chinese investors he could build a world-class supercomputer
-
90% of companies are woefully unprepared for quantum security threats – analysts say they need to get a move onNews Quantum security threats are coming, but a Bain & Company survey shows systems aren't yet in place to prevent widespread chaos
