Bitwarden, an open source password management platform, has made its first known acquisition by purchasing Passwordless.dev, a young Swedish startup that specializes in assisting software developers in integrating passwordless authentication technology.
The information was released shortly after Bitwarden, a competitor of 1Password and LastPass, revealed that it had received $100 million from PSG and Battery Ventures, its first outside investment since its founding in 2015. At that time, the business also disclosed that it had raised a previously unreported Series A round in 2019.
The issue with passwords
Bitwarden is made to make it simpler for people and businesses to generate complex passwords automatically and store them all in a secure vault, much like other password management services. The main goal is to encourage users to avoid using the same predictable password for all of their online accounts. The primary selling point of Bitwarden, however, is that it is open source, or at the very least, that it is source available, which guarantees complete transparency into the codebase while also enabling the community to contribute and aid in the development of new features.
As compromised passwords are to blame for the majority of business security breaches, Bitwarden is now attempting to take advantage of a growing trend in online security that aims to make passwords obsolete.
In fact, there has been a concerted effort across the technology landscape to move toward passwordless authentication. A new password-free sign-in standard called WebAuthn was supported by a collaboration between Apple, Google, and Microsoft last year. Separately, Apple unveiled Passkey, a new feature that enables users to use their Apple device to log in to online services without passwords.
Other startups with a passwordless focus, like Hypr, Magic, and Stytch, have attracted VC funding to support their individual initiatives.
For its part, Bitwarden supports physical two-factor authentication (2FA) security keys like the YubiKey and already provides some support for passwordless authentication, such as biometric logins for Bitwarden’s own apps. But by taking Passwordless.dev under its wing, Bitwarden hopes to make it simpler for software developers to incorporate native biometric sign-in capabilities into their products, while also enabling businesses to update their current password-reliant applications.
Passwordless.dev was established in Sweden in 2020 and has largely remained unnoticed since then. To support secure password logins, the World Wide Web Consortium (W3C) and the FIDO Alliance developed WebAuthn, a web standard that the company offers APIs built on. With just a few lines of code, Passwordless.dev essentially makes it simpler for developers to implement WebAuthn in software, cutting down on the costs and difficulties associated with doing so.
With the launch of Passwordless.dev by Bitwarden today, any third-party developer can now integrate biometric sign-in technologies like Touch ID, Face ID, and Windows Hello into their apps.
Bitwarden CEO Michael Crandell wrote to TechCrunch in an email, saying, “This saves weeks of coding do-it-yourself passkey implementations.” Businesses also have business applications that seek to give users password-free experiences but still require passwords for authentication. They can easily incorporate WebAuthn and passwordless authentication features into these applications with the aid of Bitwarden Passwordless.dev.
It will be free to use Passwordless.dev by Bitwarden during its initial beta phase in Q1 2023, after which paid plans covering specific levels of usage and features will be made available, according to the company.
Even though Bitwarden isn’t saying how much it paid for the startup or how many employees it’s hiring as part of the deal, it did confirm that Passwordless.dev hasn’t received any outside funding in its more than two years of operation, indicating that the acquisition probably didn’t cost a fortune.