Revenue at 1Password grew from $60M ARR at the end of 2019 to $150M at the end of 2021, with paying business customers going from 50,000 to 95,000 over that same period. As of November, we estimate that 1Password is on track to hit $200M in 2022.

Click here for our full 1Password model.

1Password is notable for being bootstrapped through its first 14 years, taking its first venture capital from Accel only in 2019—most of which went to enable founders and early employees to sell secondary.

They followed up that first round of VC with a $100M Series B in July 2021—led by Accel with participation from Sound Ventures and Skip Capital—and a larger $620M Series C via Iconiq, Tiger Global, and Lightspeed Ventures in 2022.

That last round valued 1Password at $6.8B, for about a 45x multiple on their ~$150M in ARR at the end of 2021.

1Password is a subscription SaaS company that has both a B2C product (for individuals and families) and a B2B product for teams. 1Password’s B2B and enterprise products charge monthly based on the number of users that a company has reading and writing to their corporate “vault”.

For individuals, 1Password costs $2.99 per month, billed annually—for families, it’s $4.99 per month for up to 5 family members.

1Password switched to a subscription-only model around 2018 after years of giving personal users the option to purchase a software license that allowed them to use their current iteration of 1Password indefinitely.

1Password’s business tier, launched in 2018, includes features like:

For businesses, 1Password costs a flat $19.95 per month for up to 10 employees—for businesses with more than 10 employees, they charge $7.99 per user per month.

The core idea of 1Password is to make it easier to protect and share secrets—passwords for different websites and SaaS apps, credit card numbers, and other types of information—with members of your family and co-workers.

The first version of 1Password was a Mac app that launched May 19th, 2006 and was available for purchase for $40 per copy. Subsequent iterations of the software would add features like mobile support, so 1Password could transfer login information stored in-app into your iPhone or iPad, and convert 1Password from a license model to a subscription one.

On the business side, 1Password launched a dedicated enterprise tier in 2018 and hit 50,000 paying business customers by 2019.

1Password found product-market fit in businesses with both the proliferation of B2B SaaS cloud applications and the rise of hybrid/remote work, both of which necessitated ways for teammates to share login information with one another for the tools they use for work every day.

1Password competes directly with other password management systems that serve both businesses and consumers like LastPass, Dashlane and Bitwarden.

LastPass made $200M in 2021 and has roughly 30M users and has a similar business focus to 1Password. Dashlane, whose team is roughly half the size of 1Password’s, and Bitwarden similarly have both paid personal and business plans, but also offer a freemium tier for consumers that only allows for storing passwords on one personal device.

1Password also competes with companies like Apple and Google that bundle free password management services (iCloud Keychain and Google Password Manager respectively) into their OSes and web browsers.

Both offer password management services that allow users to generate new safe passwords and check their passwords for compromise (via integration with services that can determine whether a specific password has been identified in an existing data breach), though Apple’s is limited to Mac and iOS devices and Google’s functions only in their web browser, Chrome.

Across the password management space, what we’re seeing is the commoditization of the “solo” password vault experience as value shifts towards tools that can facilitate the “multi-player” experience of being able to share and collaborate over secrets as a team.

That’s putting 1Password indirectly into competition with companies like Brex and Ramp that handle “finance” secrets, Rippling and Okta that handle “HR/IT” secrets, and HashiCorp which handles “developer” secrets.

We’re still in the early days of the rise of cloud-based identity products: in 2021, spend on B2B identity management revenue saw a “flippening” as  SaaS products (54%) eclipsed on-premise (46%) spending for the first-time, paralleling Salesforce’s flippening from on-premises cloud CRM spend to SaaS CRM spend circa 2015.

Salesforce’s revenue went from $1.3B per year in 2010 to $26.4B per year in 2022 post-flippening.

Today, 1Password is using part of its $920M raised over the last 3 years to expand horizontally and take on both Okta ($8B) on identity and HashiCorp ($5B) on secrets delivery at runtime.

Secrets delivery at runtime

Engineering teams are one of the places in the organization where the proper management and delivery of secrets is most powerful.

From passwords to services to SSH keys and infrastructure secrets, software teams deal with many types of secrets that can lead to catastrophic issues if leaked—but where friction can slow teams down significantly.

In 2021, 1Password launched Secrets Automation to compete with Vault by HashiCorp ($5B) on secret delivery at runtime ($21B TAM), helping teams pull 1Password values out of their vaults and into their cloud infrastructure.

Additionally, integrations with Splunk and Elastic allow security and IT teams to send 1Password events into their other systems to get better visibility over how employees are using different software systems.

SSO

With their new “Universal Sign On” product, 1Password is leveraging its install base of 15M+ users to go after Okta ($8B) with their own SSO-like product that aggregates other SSO providers and differentiates by supporting the long-tail of SaaS apps vs. Okta which is limited to its ~7,500 integration partners.

Where Okta’s key value proposition is that it simplifies and secures enterprise login by allowing employees to remember one set of credentials to sign into all apps supported by Okta, 1Password serves the long tail by aggregating users’ authentication across all of the apps they use.

In this first version of Universal Sign On, 1Password can be used to ‘remember’ what form of social or SSO login you’ve used to create an account with a website—in the future, this could be a stepping stone to 1Password itself owning the authentication, aggregating companies like Okta and making your choice of SSO provider arbitrary compared to your usage of 1Password.

The rise of passwordless authentication

Companies like Transmit Security ($2.2B), Stytch ($1B), Magic (raised $31M) and Veridium (raised $16M) help e.g. ecommerce companies get higher rates of conversion at checkout by replacing passwords with things like biometrics, authentication keys, social login, and one-time passcodes.

These companies tend to take a developer-first approach to making it easy for companies to implement non-password methods of account creation, authentication, and login.

Disruption from the browser

1Password found its initial traction and its first ten years or so of revenue in the personal/family use market: people needing somewhere to store the growing list of passwords for different apps and services they needed to take care of.

There, they now face growing competition from Google—via Chrome’s in-built password manager—and Apple, which offers unique password generation and management that works across Safari, iOS and Mac.

Chrome and Safari, like 1Password, now offer to generate unique, strong passwords for their users when they land on new sites and go to create accounts. They can also auto-fill these passwords across different devices as with Apple’s cross-platform Keychain UI.

These password managers, built into Apple and Google’s OSes, make their browsers and ecosystems stickier—and reduce their users’ need for external password managers like 1Password.