Investing in Beyond Identity — The First True Passwordless Authentication

It feels like every other week, companies we trust and use get hacked.

In both 2019 and 2021, Robinhood got hacked. They stored passwords in a readable format and over 10,000 passwords leaked onto the dark web. Recently, GoDaddy, the largest Web-hosting firm and domain registrar revealed that it suffered a cyberattack where a hacker gained access to details of over 1.2 million WordPress admin passwords.

Even Solarwinds, a major US information technology firm, was the subject of a cyberattack. Hackers bypassed MFA by using the password “solarwinds123!”. As reported by Venture Beat, Microsoft says it blocked more than 25.6 billion attempts to break into accounts of enterprise customers using brute-force password attacks in 2021.

Data privacy & identity management is hard. When I co-founded Humin, a smart address book acquired by Tinder, one of our core tenants was our “Humin Rights”. We built our app in the most effective way to mitigate cyber-attacks. For example, users’ emails, texts, and passwords never touched our servers; everything was stored locally on our users’ devices. We never generated portable tokens and adopted a “Release No Data” policy, similar to a physician’s oath of “Do No Harm.”

But now as the pandemic has forced many to WFH or BYOD, it's even more evident that we need a smarter way to do MFA, or multifactor authentication.

Today, I’m thrilled to announce our investment into Beyond Identity, the first identity management system designed to provide secure, passwordless authentication.

The company was founded in 2019 by two Silicon Valley icons. Jim Clark, Beyond Identity’s cofounder and chairman, previously founded Netscape with Marc Andreesen and also Silicon Graphics (NYSE: SGI), myCFO (acquired by BMO), and WebMD. Michael Lewis, author of The Big Short, Liars Poker & Moneyball even wrote a book about Jim called The New New Thing: A Silicon Valley Story. The cofounder and CEO is Tom “TJ” Jermoluk, former Chairman/COO Silicon Graphics (NYSE: SGI), President @Home Network (acquired by Excite), and General Partner at Kleiner Perkins.

In this round, I’m excited to invest alongside Taher Elgamal, Partner at Evolution Equity Partners, CTO Security at Salesforce & the “Father of SSL”. Other investors joining the round include NEA & Koch Disruptive Technologies.

Beyond Identity’s new funding comes at a time of record growth and momentum for the company. Annual recurring revenue (ARR) rose by 330% from 2020 to 2021 and its roster of customers like Snowflake, Roblox and Intuit grew 640%.

It’s no surprise given how revolutionary the technology is.

Passwords are the root cause of over 80%-90% of security breaches! It’s time for them to be eliminated.

Beyond Identity is fundamentally changing how the world logs in with a groundbreaking invisible, un-phishable MFA platform that provides the most secure and frictionless authentication on the planet.

Other tech solutions might use the word “passwordless” in their product marketing or roadmap BUT no other solutions actually removes the password. “Password Managers” like Dashlane and OnePassword aggregate all passwords in one place. Since people tend to forget their passwords anyway, they write them down or use the same one over and over which is not secure. Antuquated MFA are vulnerable to phishing attempts because of one-time links or SIM swaps. VPNs are painful, slow, and still require a password to access the network.

Beyond Identity is leading the charge with a state-of-the-art MFA solution that cryptographically binds a user’s identity to their devices. Think of it as being similar to facial recognition in an iPhone.

A few years ago, chip manufacturers started including secure enclaves within the chips, where private keys (this includes things like biometric scans, thumbprints or Face ID) can be stored, but physically cannot leave the device. This technology allows companies like Beyond Identity to “check” what device is being verified and who owns it. This allows users to log in without passwords because Beyond Identity knows that this specific device, which was likely opened using biometrics, is the device that was authorized to enter a specific account. As a result, there is no centralized password list to steal.

Beyond a workforce product, Beyond Identity also offers a solutions for e-commerce providers to authenticate consumer log-ins, along with an MFA product for developers that aims to assist with issues such as software supply chain compromises.

We’re excited for the work ahead to help Beyond Identity scale into Latin America and for a true passwordless future.