Start with Identity
MFA / Passwordless

Secret Double Octopus

Founded 2015Tel Aviv, IsraelPrivateScore 4/5Evaluated 2026-06-19Website ↗

Capability scores

Methodology →
Authentication
4.5
SSO & Federation
3.5
Authorization
3.0
Lifecycle & Provisioning
3.0
MFA & Passwordless
4.5
Governance & Audit
3.0
Developer Experience
3.5
Deployment Flexibility
4.0
Pricing Transparency
3.0
Support & Ecosystem
3.5

Scored 0–5 against a published rubric. Independent analysis, no vendor sponsorship.

Overview

Secret Double Octopus offers workforce passwordless MFA that reaches across desktops, VPNs, and legacy applications, integrating with existing directories and identity providers rather than replacing them. Founded in 2015 in Tel Aviv, its pitch is breadth of coverage: passwordless that works not just for modern web apps but for the Windows and Mac desktop login, RADIUS, and the legacy systems most workforces still run.

What it is good at

Broad endpoint and legacy coverage is the differentiator. Many passwordless products stop at modern OIDC apps; Secret Double Octopus extends phishing-resistant sign-in to desktop login, VPN, and older on-premises systems, and it does so on top of your current directory and IdP. That makes it useful for enterprises that want to remove passwords everywhere, not just from the easy targets.

Where it falls short

It is a workforce authentication specialist, not a consumer-facing CIAM authenticator and not a developer-first API platform. You still need an identity provider for SSO, provisioning, and governance. The strength in legacy coverage comes with integration work, and pricing is quote-based.

Pricing

Enterprise subscription, quote-based. Model seat counts and integration scope with the TCO calculator.

Best for, and who should look elsewhere

Choose it for enterprises extending passwordless across desktops, VPN, and legacy apps without ripping out the IdP. Teams wanting consumer login should look elsewhere in CIAM; those wanting standards-pure FIDO at scale should compare Nok Nok Labs or HYPR. See the full MFA directory.

Bottom line

A capable workforce passwordless layer with unusually broad endpoint and legacy coverage on top of your existing IdP.

By SWI Community Team · Last evaluated 2026-06-19

Independent, community-driven analysis. No vendor sponsorship. Compiled from public research and community input and verified on a best-effort basis, so details may be incomplete or out of date. Scores are opinions, not advice. Trademarks belong to their owners; mention does not imply affiliation or endorsement. See the full disclaimer, or send corrections to community@startwithidentity.com.