Secret Double Octopus raises $15 million to authenticate employees without passwords


To view the original article, please click here.


Secret Double Octopus, an Israeli startup that helps companies eliminate the need for passwords in the workplace, has raised $15 million in a series B round of funding. The investment comes as businesses have been forced to embrace remote working due to the COVID-19 crisis, a scenario that could increase the risk of security breaches.

Founded in 2015, Secret Double Octopus is setting out to solve the age-old problem of poor password hygiene. In fact, 81% of all business data breaches are reportedly due to compromised passwords — with the average cost of a single data breach in 2019 pegged at nearly $4 million. To address this risk, Secret Double Octopus helps companies bypass passwords altogether, allowing employees to authenticate their logins to apps and other platforms through a simple “touch and go” process.

The Octopus Authenticator, as the company calls it, is essentially a multi-factor verification system that can be integrated into most of the major enterprise applications, including Office 365, AWS, G Suite, Salesforce, WordPress, Box, HubSpot, SAP, and more. This single authenticator, which works both online and offline, can also be used to access workstations, networks, and VPNs.

Users receive a push notification on their mobile device, which they tap to confirm they have initiated a login, and they can use a biometric identifier such as their fingerprint to finalize the confirmation.

Even before the COVID-19 crisis, many companies were exploring ways to enhance security by relying less on employees’ ability to remember multiple complex passwords. Back in November, password manager 1Password raised $200 million in the first round of funding in its 14-year history, putting it in a stronger position to scale its enterprise-focused business. Earlier in the year, 1Password rival Dashlane raised $110 million, with the business market also firmly in its sights.

A few months back, Secret Double Octopus competitor Trusona closed a $20 million round of funding from a host of big-name investors, including Microsoft’s M12 and Kleiner Perkins. At the time, Trusona cited “unprecedented demand” from enterprises seeking passwordless login technologies as a major reason for its raise.

Secret Double Octopus CEO and cofounder Raz Rafaeli said “eliminating the hassle and costs associated with password management” was more important than ever for companies looking to simultaneously bolster their security and increase employee productivity.

The company had previously raised $7.5 million, and with its latest cash injection — which included Sony Financial Ventures, KDDI, and Global Brain as new investors — it is well-positioned to capitalize on the current climate of heightened security awareness.

Cybersecurity officials from the U.S and U.K. recently warned that state-backed hackers and online criminals were taking advantage of the global pandemic as millions more people use their own devices on insecure networks to connect to cloud-based corporate networks. Given the prominent role weak passwords have traditionally played in the authentication process, removing this chink from the chain could help minimize external and insider threats — whether from credential theft, phishing scams, identity theft, man-in-the-middle attacks, or other nefarious schemes.