Passwordless authentication offers a host of advantages over traditional pins, passphrases and passcodes. Surveys around the web show that compromised passwords cause an estimated 81% of all breaches and that the average person reuses passwords up to 14 times, giving hackers access to a big chunk of one’s digital footprint if they crack the code just once.
But despite the fact that it’s more secure, passwordless tech is running up against barriers to adoption — at least in the enterprise. A Harris Poll study found that 48% of companies didn’t have passwordless authentication as of 2021, in part because they believed that they lacked the right skills and teams to successfully implement it.
This is to the benefit of platforms like SecureW2, which have made a business out of abstracting away the steps required to deploy and maintain infrastructure for passwordless authentication. Case in point, SecureW2 this morning announced that it raised $80 million in funding from Insight Partners, SecureW2’s first-ever round.
Max Wolff, a principal at Insight Partners, which not long ago led a massive investment in passwordless security vendor Transmit Security, says that SecureW2’s customer momentum is what clinched the deal.
“Organizations are increasingly looking for alternatives to traditional passwords to authenticate access to networks and applications,” Wolff said via email. “SecureW2 provides an easy-to-use, cloud-native solution to address this need that’s already being used by hundreds of customers worldwide.”
SecureW2, based in Seattle, started as an open source project that allowed IT departments with “non-Windows” identity environments to connect Windows devices to their wired and wireless network infrastructure. The creators, Tom Rixom and Bert Kashyap, were spurred to launch the project by the growing frequency of password-based attacks — and, they say, by the unattractiveness of enterprise passwordless authentication solutions at the time.
“It became clear to us that there was a need for a fresh software-as-a-service-based and low-friction approach for IT teams,” Kashyap, SecureW2’s CEO, told TechCrunch in an email interview.
Rixom and Kashyap eventually incorporated SecureW2, which today offers a suite of passwordless technologies including a tool to issue certificates — digital replacements for passwords — to authorize access to a customer’s Wi-Fi, ethernet or VPN. SecureW2’s platform makes certificates available across most mobile and desktop operating systems, and can connect to cloud identity environments like Okta to extend policy-based security across a company’s environment.
“From business and government organizations to colleges and school districts, password-based connectivity to network infrastructure leads to potential disconnects due to password rotation procedures,” Kashyap said. “Eliminating user frustration and productivity loss drives direct return on investment along with the security benefits of ensuring those passwords that are used to also access other apps and resources aren’t susceptible to compromise.”
SecureW2, which has just under a thousand customers and “millions” of users, according to Kashyap, has been bootstrapped until now — and profitable with free cash flow. But it took on funding for two reasons: expanding its go-to-market efforts and ramping up software development and R&D in “product categories that surround SecureW2’s space,” Kashyap said.
“We’ve historically used machine learning to understand and predict how devices are connecting to infrastructure environments, and we have plans to expose some of these elements directly to the customer so that they may benefit from security anomaly detection, capacity planning and more,” Kashyap said. “As awareness grows of the need for a passwordless approach in both corporate environments and non-corporate infrastructure, we’re providing simple and cost-competitive solutions to drive adoption and growth.”
SecureW2 has 70 employees currently and expects to end the year with around 80.