1Password expands its endpoint security offerings with Kolide acquisition

1Password, the AgileBits-owned password management software developer, today announced that it has acquired Kolide, an endpoint security platform, for an undisclosed amount. According to 1Password CEO Jeff Shiner, Kolide founder and CEO Jason Meller and all of Kolide’s 30 employees will join 1Password “as an intact team.” Meller has taken on the role of VP […]

© 2024 TechCrunch. All rights reserved. For personal use only.

1Password’s new service lets businesses quickly adopt passkeys

Password manager 1Password today launched a new service, Passage by 1Password, that’s designed to allow businesses to build passkey authentication into their apps and websites without having to maintain their own security infrastructure.

The rollout signals 1Password’s expansion beyond credential management and into the customer identity access management space. But it’s also on trend. Apple introduced passkey support to iOS back in September to enable iPhones to serve as log-in tools for any compatible website or app. PayPal debuted support for passkeys on iOS in October, while other companies such as Google, Shopify, Kayak and DocuSign have also introduced support.

“Replacing passwords has been predicted since the early 2000s, but now all of the major platforms — Microsoft, Apple, Google, etc. — along with 1Password and others have joined the FIDO Alliance to make the passwordless vision a reality,” 1Password CEO Jeff Shiner told TechCrunch in an email interview. (The FIDO Alliance, the governing industry body for authentication, is charged with defining specifications for passkeys.) “By launching Passage by 1Password, we aim to drive adoption of this technology by enabling developers and businesses to easily implement passkey logins into their products and services.”

To Shiner’s point about the superiority of passkeys, it’s true that the tech — a biometric-based login solution — is far more secure than passwords generally speaking. As The Verge’s Jess Weatherbed notes, passkeys can replace passwords and verification systems like two-factor authentication or SMS verification entirely, providing better protection against hacking and phishing attacks as there’s no fixed login or transmitted code to be stolen.

They’re also easier to use than passwords — arguably. Research from the FIDO Alliance found that 58% of U.S. consumers have abandoned carts and stopped their purchases due to the difficulty managing passwords, while 1Password’s own research suggests that 75% of people would consider using passkeys in place of passwords.


Passkey Flex.

Passage by 1Password encompasses two products: Passkey Complete and Passkey Flex. Complete lets businesses create passkey user experiences that work across platforms including iOS, Android, MacOS and Windows. As for Flex, it allow customers to implement passkey solutions over time while educating their customer support teams and integrating the solutions with their existing identity management systems.

Passkey Complete and Passkey Flex are free for up to 1,000 monthly active users. Above that, companies pay per usage; a 1Password subscription isn’t required to use Passage.

Asked about how Shiner sees Passage fitting into 1Password’s broader product portfolio, he said he believes it to be a “natural extension” but also a road to expansion — coming just over a year after the company raised $620 million in a Series C round that valued it at $6.8 billion. At the time of the fundraise, 1Password credited its success with the continuation of remote and hybrid working and the rapid adoption of cloud apps, both trends aligned with the broader move toward passkeys, according to Shiner.

Password’s vision has always been to build a safer, simpler digital future for everyone and we do that by taking a human-centric approach to security so businesses, individuals, and developers can effortlessly safeguard their most private information,” Shiner said. “Passage by 1Password enables developers across a range of businesses to integrate passkey login experiences into their projects with just a few lines of code … We’re rolling out now and have seen strong initial interest in our solutions with thousands of developers signing up to try it in its early stages.”


Passkey Complete.

1Password, which offers a directory of websites, apps and services that already allow users to sign in using passkeys, has been vocal in its support of the tech on the consumer side, as have rivals like Dashlane. The company recently announced that, starting June 6, anyone with a 1Password account will be able to save and manage their passkeys, and 1Password has teased allowing users to replace their master password with a passkey.

“Being able to remove the password entirely, and the friction that goes along with it, will quickly become a competitive advantage for those early adopters,” Shiner continued. “When there’s a security benefit, a business benefit and a usability benefit, that’s what’s really going to help propel passkey adoption forward for a specific sector … We see this as a win-win for both businesses and their customers, and it’s something that we’re excited to support and make a reality.”

1Password’s new service lets businesses quickly adopt passkeys by Kyle Wiggers originally published on TechCrunch

Open-source password manager Bitwarden raises $100M

Bitwarden, an open-source password manager for enterprises and consumers, has raised $100 million in a round of funding led by PSG, with participation form Battery Ventures.

Founded initially back in 2015, Santa Barbara, California-based Bitwarden operates in a space that includes well-known incumbents including 1Password, which recently hit a $6.8 billion valuation off the back of a $620 million fundraise, and Lastpass, which was recently spun out as an independent company again two years after landing in the hands of private equity firms.

In a nutshell, Bitwarden and its ilk make it easier for people to generate secure passwords automatically, and store all their unique passwords and sensitive information such as credit card data in a secure digital vault, saving them from reusing the same insecure password across all their online accounts.

Bitwarden’s big differentiator, of course, lies in the fact that it’s built atop an open-source codebase, which for super security-conscious individuals and businesses is a good thing — they can fully inspect the inner-workings of the platform. Moreover, people can contribute back to the codebase and expedite development of new features.

On top of a basic free service, Bitwarden ships a bunch of paid-for premium features and services, including advanced enterprise features like single sign-on (SSO) integrations and identity management.


It’s worth noting that today’s “minority growth investment” represents Bitwarden’s first substantial external funding in its seven year history, though we’re told that it did raise a small undisclosed series A round back in 2019. Its latest cash injection is indicative of how the world has changed in the intervening years. The rise of remote work, with people increasingly meshing personal and work accounts on the same devices, means the same password is used across different services. And such poor password and credential hygiene puts businesses at great risk.

Additionally, growing competition and investments in the management space means that Bitwarden can’t rest on its laurels — it needs to expand, and that is what its funds will be used for. Indeed, Bitwarden has confirmed plans to extend its offering into several aligned security and privacy verticals, including secrets management — something that 1Password expanded into last year via its SecretHub acquisition.

“The timing of the investment is ideal, as we expand into opportunities in developer secrets, passwordless technologies, and authentication,” Bitwarden CEO Michael Crandell noted in a press release. “Most importantly, we aim to continue to serve all Bitwarden users for the long haul.”

Remote work and cloud adoption lands 1Password with $620M Series C, now valued at $6.8B

Password management platform 1Password has closed a massive $620 million Series C funding round that raises the company’s valuation to $6.8 billion.

The investment was led by Iconiq Growth, with participation from Tiger Global, Lightspeed Venture Partners, Backbone Angels, and Accel, which led the company’s $200 million Series A and $100 million Series B rounds. Other investors taking part include CrowdStrike CEO George Kurtz, General Motors CEO Mary Barry, and LinkedIn chairman Jeff Weiner. The round also attracted investment from investors Ryan Reynolds, Robert Downey Jr, and Justin Timberlake.

The bumper funding round follows an impressive year of growth for 1Password. The company told TechCrunch that since its Series B raise in July last year, it has increased its paying customer base from 90,000 to more than 100,000 — adding big-name corporate subscribers including Datadog, Intercom and Snowflake — and has grown its internal headcount from 475 to 570 employees. This, the company says, has been driven by three things: the continuation of remote and hybrid working, the rapid adoption of cloud apps, and the acceleration of work-related burnout.

The latter point is becoming a particularly worrying cybersecurity threat, according to the company, which found that 80% of office workers and 84% of security specialists are feeling burned out as a result of the pandemic, with 12% using the same password or just a few different passwords for everything at work as a result.

“We’ve found that when you have stress and burnout, two things happen,” 1Password CEO Jeff Shiner tells TechCrunch. “Firstly, people look for the easy way — when you’re overworked, you’re going to put security on the back-burner. The other side effect of stress and burnout has been a desire to change, and you see that in the Great Resignation. That leads to security issues because all those apps and services that IT are not aware of you’re now taking with you.”

1Password will use its newly-raised funds to drive continued growth; the company said it plans to triple its engineering and customer support teams, to build out its business-focused Events API functionality that provides visibility into successful and failed sign-in attempts, and to finance more acquisitions.

“We’re looking at strategic acquisitions,” Shiner says. “We made an acquisition last year with Secret Hub, and we will continue to look at acquisitions and how those can help us achieve our mission and goals.”

Ultimately, though the Series C funding round provides 1Password with a substantial amount of capital, Shiner says the company has no plans for an exit “just yet.”

The funding will “give us the sleep-at-night ability to go after some of the big bets that we need to take,” said Shiner.

1Password’s new feature lets you safely share passwords using just a link

Password sharing in the workplace and at home is a common practice, but doing so securely can be tricky. 1Password aims to address that with its new feature that gives you a way to share log-in credentials in a secure way even with people who don’t have an account with the service. It’s called Psst!, which is short for Password Secure Sharing Tool, and it’s apparently one of the company’s most requested features.

Based on a research the company conducted, most workers reuse corporate credentials. Of those people, 36 percent admitted to sharing log-ins with other workers and clients via insecure channels, including emails, chat apps, spreadsheets, documents and texts. In another survey, 1Password found that most families share passwords between members and also use insecure methods, such as writing them down and messaging them to each other.

Psst! allows you to share credentials with anybody by generating a link with the information that other people can access, even if they don’t have a 1Password account. You can choose how long the link remains valid, from an hour to 30 days, after which it will automatically expire. You can also choose to share the credentials with anybody who has the link or with specific people only. If you choose the latter, the service will require the recipient to confirm their identity by verifying their email addresses before giving them access.

The service has launched this new feature alongside its announcement that it now has over 100,000 business customers and that it’s growing its employee headcount to 500. Jeff Shiner, CEO of 1Password, said in a statement:

“Having the ability to share passwords and other credentials outside of a business or family has been one of our most highly-requested features, and I’m very excited by today’s launch of Psst! as it helps keep everyone, not just 1Password customers, safe online. Crossing the 100,000 business customers mark is a clear indication that businesses understand the need to safeguard their passwords and other sensitive information online.”



Editor’s note: This article originally appeared on Engadget.

1Password can now randomly generate email addresses for logins

Since 2019, Sign in with Apple has allowed iPhone and Mac users to protect their privacy by allowing them to generate random email addresses when they need to access a new website, service or app. It’s one of those small features that can have an outsized impact, and now something similar is coming to 1Password.

The company has partnered with email host Fastmail to introduce a feature called Masked Email. Like its Apple counterpart, the tool allows you to create unique email addresses for your logins. You can create the aliases directly within the 1Password app, which means you can access the tool on all platforms where the password manager is available.

Just how much the ability to hide your email can do to help safeguard your online privacy can’t be overstated. The vast majority of privacy breaches start with phishing emails. You’re far less likely to click on a suspicious link or inadvertently share your personal information if you don’t get one of those messages in the first place.

Editor’s note: This article originally appeared on Engadget.

Accel doubles down on 1Password, which just raised $100M more at a $2B valuation

Toronto-based 1Password is one of those rare companies that is a) profitable and b) transparent enough to share financials.

And today, the company announced that it raised $100 million in a Series B round of funding that doubles the company’s valuation to $2 billion.

You may recall that the previously bootstrapped 1Password only raised its first round of external capital in 2019 – a $200 million Series A led by Accel that represented the venture firm’s largest single investment in its 35-year history. At the time, 1Password was hardly a startup, having been founded in 2005. 

Accel also led its latest round, which notably included participation from Ashton Kutcher’s Sound Ventures, Kim Jackson’s Skip Capital and a slew of tech executives including Tobias Lütke, CEO of Shopify; Harley Finkelstein, president of Shopify; Stewart Butterfield, co-founder and CEO of Slack; Anthony Caselena, founder and CEO of Squarespace; Mike Cannon-Brookes and Scott Farquhar, co-CEOs of Atlassian; and Kevin Hartz, co-founder and chairman of Eventbrite, among others.

Profitable since day one, 1Password recently crossed the $120 million in ARR (annual recurring revenue) mark, according to CEO Jeff Shiner. Over 90,000 businesses use its SaaS platform, including a number of big names such as Under Armour, Shopify, the PGA, IBM, GitLab, Slack and PagerDuty. That’s up from 50,000 customers at the time of its November 2019 raise.

Founding couples Dave and Sara Teare and Roustem and Natalia Karimov came up with the idea for 1Password while they were growing another company that built websites and realized the struggle of keeping up with passwords.

It started out focused on consumers only. Over time, it evolved and began offering its password management services to businesses. This move took an already successful company to another level. 

It also caught the attention of Accel, which has a history of investing in bootstrapped and profitable businesses. In both its Series A and B rounds, the venture firm approached the company about investing.

Accel partner Arun Mathew, who drove his firm’s investment in 1Password in both rounds, noted that “1Password has a very unique company profile. To see a company riding all these market tailwinds with fundamentals and metrics like this is really, really unusual. Our hope is this [latest round] allows the entire company to be even more aggressive about winning this market.”

Since its last raise, 1Password has continued to evolve — a testament to its self-proclaimed intent to never sit on its laurels, said Shiner. For one thing, it has increased its headcount from 174 employees to about 475 today, including the formation of a go-to-market team, which the company never really had before.

And in the past few months, 1Password has expanded its business offerings, launching Secrets Automation in April and more recently, 1Password Events,  an enterprise offering aimed at protecting “critical”  business information. It has also launched a Linux Desktop Application and integrations with Slack and Rippling. 

Image Credits: 1Password

Secrets Automation, Shiner said, allows 1Password to protect a business’ infrastructure secrets “machine to machine.”

“Password management is usually human to machine, so it’s a huge win for us and expands what we do into the broader infrastructure,” he added. It was able to launch Secrets Automation with the help of the acquisition of a Dutch company, SecretHub. 

The company is planning to use some of its new capital for further acquisitions as the number of startups in the cybersecurity space continues to grow.

“Having a stronger balance sheet only helps the company take calculated risks and be opportunistic about potential M&A or investing even more aggressively where we see opportunity,” Accel’s Mathew said. “For almost 16 years, this company has been one of the best-kept secrets, no pun intended, for businesses and consumers alike.”

The COVID-19 pandemic and the resulting work-from-home shift only led to more demand for 1Password’s offering. In fact, with each business account, 1Password is giving each employee a free family account to use at home. 

“As work and home have mixed, it’s been a huge benefit for users,” Shiner said.

That line-blurring is one of the reasons that Accel sees even more potential in 1Password. The firm has 24 active security investments across its portfolio, according to Accel partner Ethan Choi.

“This doubling down [on 1Password] signifies our belief that this is one of the most important areas of security today,” Choi said. “CIOs and CISOs want their employees to be productive and get into the applications they need to, but they also need them to be secure.”

For its part, 1Password believes that despite being around for 16 years, it’s only “just scratching the surface,” according to Shiner.

“I think that’s what gets us excited, is just this incredible opportunity that we see in front of us,” he said. “We need to keep moving forward, with urgency.”

Gaining the insight of so many experienced tech execs was also a factor in raising more capital, Shiner said.

“We already had a great relationship with Accel, but being able to bring in those additional folks and the experience they bring along with them is tremendously valuable,” he added.

In its first funding in 7 years, profitable fintech Lower raises $100M Series A led by Accel

Lower, an Ohio-based home finance platform, announced today it has raised $100 million in a Series A funding round led by Accel.

This round is notable for a number of reasons. First off, it’s a large Series A even by today’s standards. The financing also marks the previously bootstrapped Lower’s first external round of funding in its seven-year history. Lower is also something that is kind of rare these days in the startup world: profitable. Silicon Valley-based Accel has a history of backing profitable, bootstrapped companies, having also led large Series A rounds for the likes of 1Password, Atlassian, Qualtrics, Webflow, Tenable and Galileo (which went on to be acquired by SoFi). 

In fact, Galileo founder Clay Wilkes introduced the VC firm to Dan Snyder, Lower’s founder and CEO. The two companies have a few things in common besides being profitable: they were both bootstrapped for years before taking institutional capital and both have headquarters outside of Silicon Valley.

“We were immediately intrigued because Ohio-based Lower echoes both of these themes,” said Accel partner John Locke, who led the firm’s investment in Lower and is taking a seat on the company’s board as part of the investment. “Like Galileo, Lower will be one of the most successful bootstrapped fintech companies globally. The combination of a company built in a nontraditional region across the globe and a bootstrapped company reminds us of [other] companies we have partnered with for a large Series A.”

There were other unnamed participants in the round, but Accel provided the “majority” of the investment, according to Lower.

Snyder co-founded Lower in 2014 with the goal of making the homebuying process simpler for consumers. The company launched with Homeside, its retail brand that Snyder describes as “a tech-leveraged retail mortgage bank” that works with realtors and builders, among others. In 2018, the company launched the website for Lower, its direct-to-consumer digital lending brand with the mission of making its platform a one-stop shop where consumers can go online to save for a home, obtain or refinance a mortgage and get insurance through its marketplace. This year, it launched the Lower mobile app with a savings account.

Sitting (L to R): Co-founders Dan Snyder, Grayson Hanes
Standing (L to R): Co-founders Mike Baynes, Chris Miller
Not pictured: Robert Tyson; Image credit: Lower

Over the years, Lower has funded billions of dollars in loans and notched an impressive $300 million in revenue in 2020 after doubling revenue every year, according to Snyder.

“Our history is maybe a little atypical of fintech companies today,” he told TechCrunch. “We’ve had a view going back to the start of the company that we wanted to run it profitably. That’s been one of our pillars, so that’s what we’ve done. Also, we all grew up in the mortgage industry, so we saw firsthand the size of the market, but also how broken it was, so we wanted to change it.”

In launching the direct-to-consumer digital lending brand, the company was working to make the homebuying process more “digital, transparent and easier for consumers to access,” Snyder said.

At the same time, the company didn’t want to lose the human touch.

“We tried to design the app flow in a way where you can get as far along as you can in the application but if you want, at any point in time, to talk or chat with someone, we’re available,” Snyder added.

Image Credits: Lower

Lower’s typical customer is the millennial and now Gen Z who’s aspiring to own their first home, according to Snyder.

“They might be thinking, ‘OK, I might be living in an apartment now, but in the next few years I’m going to meet someone and/or have a child and I want to unlock the investment that is a home,’ ” he told TechCrunch. “And we’ll help them on that journey.”

Lower’s recently launched new app offers a deposit account it’s dubbed “HomeFund.” The interest-bearing FDIC-insured deposit account offers a 0.75% Annual Percentage Yield and is designed to help consumers save for a home with a “dollar-for-dollar match in rewards” up to the first $1,000 saved, Snyder said.

Lower works with more than 35 major insurance carriers nationally, including Nationwide, Liberty Mutual and Allstate. It has more than 1,600 employees, about half of which are based in Lower’s home state. That’s up from about 650 employees in June of 2020.

Looking ahead, the company plans to add more services and has an “aggressive roadmap” for adding new features to its platform. Today, for example, Lower sells primarily to Fannie Mae and Freddie Mac. And while it services the majority of its loans, like many large lenders, it uses a subservicer. That will change, however, in early 2022, when Lower intends to launch its own native servicing platform. 

And while the company intends to continue to run profitably, Snyder said he and his co-founders “think the time is now to gain share.”

“We want to become a global brand, raise money and gain market share,” he added. “We’re going to continue to double down on product and build out our capabilities. We are the best-kept secret in fintech and plan to change that with smart branding, advertising and sponsorships.”

And last but not least, Lower is eyeing the public markets as part of its longer-term roadmap.

“Ultimately, we know we can build a great public company,” Snyder told TechCrunch. “We’re of the scale to be a public company right now, but we’re going to keep our heads down and we’re going to keep building for the next few years and then I think we can be in a spot to be a strong public business.”

Accel’s Locke points out that in the U.S., mortgage and home finance are among the largest financial service markets, and they have primarily been handled by large banks.

“For most consumers, getting a mortgage through these banks continues to be an overly complex, slow-moving process,” Locke told TechCrunch. “We believe by providing consumers a great mobile experience, Lower will gain share from incumbent banks, in the same way that companies like Monzo have in banking or Venmo in payments or Trade Republic and Robinhood in stock trading.” 

1Password acquires SecretHub and launches new enterprise secrets management tool

1Password, the password management service that competes with the likes of LastPass and BitWarden, today announced a major push beyond the basics of password management and into the infrastructure secrets management space. To do so, the company has acquired secrets management service SecretHub and is now launching its new 1Password Secrets Automation service.

1Password did not disclose the price of the acquisition. According to CrunchBase, Netherlands-based SecretHub never raised any institutional funding ahead of today’s announcement.

For companies like 1Password, moving into the enterprise space, where managing corporate credentials, API tokens, keys and certificates for individual users and their increasingly complex infrastructure services, seems like a natural move. And with the combination of 1Password and its new Secrets Automation service, businesses can use a single tool that covers them from managing their employee’s passwords to handling infrastructure secrets. 1Password is currently in use by more then 80,000 businesses worldwide and a lot of these are surely potential users of its Secrets Automation service, too.

“Companies need to protect their infrastructure secrets as much if not more than their employees’ passwords,” said Jeff Shiner, CEO of 1Password. “With 1Password and Secrets Automation, there is a single source of truth to secure, manage and orchestrate all of your business secrets. We are the first company to bring both human and machine secrets together in a significant and easy-to-use way.”

In addition to the acquisition and new service, 1Password also today announced a new partnership with GitHub. “We’re partnering with 1Password because their cross-platform solution will make life easier for developers and security teams alike,” said Dana Lawson, VP of partner engineering and development at GitHub, the largest and most advanced development platform in the world. “With the upcoming GitHub and 1Password Secrets Automation integration, teams will be able to fully automate all of their infrastructure secrets, with full peace of mind that they are safe and secure.”

Fourteen years after launching 1Password takes a $200M Series A

1Password has been around for 14 years, and the founders grew the company the old-fashioned way without a dime of venture capital. But when it decided to take venture help, it went all in. Today, the company announced a $200 million Series A from Accel, the largest single investment in the firm’s 35-year history.

Dave Teare says he and his co-founder Roustem Karimov were resolving a major pain point for users around password creation and management when they launched in 2005, and that the Toronto company has been profitable from day one. That’s not something you hear from startups all that often.

Today, Jeff Shiner is CEO. He helped grow the company from 20 employees when he came on board in 2012 to 174 today. He says that as he helped foster this growth, he saw a tremendous market opportunity in front of him. That’s when he decided to finally take the plunge into venture investing.

“We’ve got the sophisticated business tooling that we built over the last five years, so that we can really go out there and just double and triple down on what we’ve been doing, and drive that much faster and further into the market, and again that market is honestly from consumers all the way up to enterprises,” Shiner explained.

While he is confident in his company’s ability to build a product people want and support its customers, it needs help with other aspects of the business to grow faster and take advantage of the market potential. “We have far less experience with things like go-to-market programs, with sales, marketing and finance teams — and things like that. And we need to grow, and grow aggressively, which is not just hiring people, but also getting the right partners, finding the right leaders to help us with that growth,” he said.

Accel has a history of investing in mature companies that haven’t taken funding before, so what it’s doing with this round isn’t all that unusual for the firm. Arun Mathew, a partner at Accel, says he doesn’t come across companies like 1Password all that often. ““Like Atlassian and Qualtrics, the 1Password team impressed us by building a business that’s not only scaling extremely quickly but also has been profitable since day one — and that’s why today we’re making the biggest single investment in Accel’s 35-year history,” Mathew said in a statement.

The founders actually stumbled onto the idea of 1Password in 2005. They were running a web development consultancy when they decided to resolve a long-standing problem of logging into multiple websites, a particularly acute issue given their day jobs.

They decided to build a tool to help, and when they put it out in the world, they found lots of other people had the same problem. They ended up closing the web consultancy to build 1Password, and the rest, as they say, is history.