Published on August 03, 2023

Although generally considered to be the most tech-savvy demographic in the workplace, many Millennials are likely to be cybersecurity liabilities. According to a ManageEngine survey conducted in July 2023, Millennials are the worst offenders when it comes to following cybersecurity best practices. However, to be fair, Gen Zers aren’t far behind.

As a caveat, it’s also worth noting that these younger generations aren’t the only cybersecurity culprits. Across the board, all generations of consumers showed a propensity to connect to public Wi-Fi; trust big tech companies’ data protection; engage in poor password practices, and open links from unknown senders. We’ll discuss each in turn.

Willingness to connect to public Wi-Fi

By connecting to public Wi-Fi, many consumers are taking risks when it comes to the security of their devices and online accounts.

Unfortunately, fifty-five percent of all respondents said they are in the habit of connecting their work laptops or phones to public Wi-Fi.

So there isn’t any confusion, “public Wi-Fi” was described in the questionnaire as “free or passwordless internet provided at an airport, coffee shop, retailer, etc.” Over half of all respondents (52%) said they also make online purchases while connected to public Wi-Fi, potentially exposing sensitive data, such as credit card and confidential work information. The most willing to connect to public Wi-Fi were Millennials (73%) and Gen Zers (73%).

Poor password hygiene

Posing another threat to personal and professional devices, the vast majority (71%) of consumers reported using the same password across multiple accounts, at least occasionally, if not all the time. Again, Millennials (81%) were the worst offenders, followed by Gen Zers (77%).

Opening links from unknown senders

This was a big problem for all the respondents.

Of all the respondents, 25% have been the victim of a personal scam or received a virus on their personal or work device after opening a link via text or email from an unknown sender.

As usual, Millennials (37%) and Gen Zers (32%) were even worse. In fact, Millennials were— by far— the worst culprits, as only 41% could definitively say they’ve never clicked on links via text or email from an unknown sender, and only 26% of Millennials could say that their personal data has never been compromised by a data breach.

Placing a lot of trust in big tech companies’ data protection practices

A surprisingly large number of consumers trust big tech companies.

Sixty-five percent said they generally trust big tech companies’ ability to keep their personal data secure, though roughly half (51%) have had their personal data compromised as a result of a data breach.

And I’m sure you’re noticing a theme by now: Millennials were the most problematic, with 75% of them saying they trust big tech companies to keep their personal data secure. Gen Zers (69%) were close behind.

Key takeaways

Millennials are the biggest security offenders. They are the most likely to use the same password across multiple online accounts (80%), and they’re also the most inclined to trust big tech to keep their personal data secure (75%). Therefore, it’s no surprise that they’re the most-impacted generation when it comes to data breaches (60%).

If this generation, which is soon to comprise the bulk of the workforce, continues to practice such poor cyber hygiene, sensitive corporate data will almost certainly be put at risk. As a quick aside, working from home likely exacerbates the situation, as Millennials prefer working from home more than other generations, and those working from home generally face less supervision and are more likely to use personal devices to access corporate information.

Although this study suggests that Millennials have the worst cybersecurity hygiene, by no means are they the only ones culpable. As this study shows, accessing public Wi-Fi; using the same password; blindly trusting big tech companies, and opening text and email links from unknown senders are serious issues for members of every generation.


Methodology: During July 2023, ManageEngine, in partnership with Dynata, conducted a consumer survey, which targeted 1,000 adults across the United States, aged 18 and up. Figures for age, education, employment, gender, income, and region were weighted to bring them into line with their actual proportions in the population. The sample is based on those who agreed to participate; hence, no sampling error estimates could be calculated. Millennials were classified as those born during 1981-1996 (27-42 years old). Respondents born between 1997-2012 (11-26 years old) were considered to be Gen Z.

John Donegan

John Donegan

Enterprise Analyst, ManageEngine

John is an Enterprise Analyst at ManageEngine. He covers infosec, cybersecurity, and public policy, addressing technology-related issues and their impact on business. Over the past fifteen years, John has worked at tech start-ups, as well as B2B and B2C enterprises. He has presented his research at five international conferences, and he has publications from Indiana University Press, Intellect Books, and dozens of other outlets. John holds a B.A. from New York University, an M.B.A. from Pepperdine University, an M.A. from the University of Texas at Austin, and an M.A. from Boston University.

 Learn more about John Donegan

Elevate productivity: Achieving the essential balance of tech and human well-being

close icon