Employees are drowning in dozens of separate logins across systems that aren't connected via SSO, causing security fatigue and productivity loss. IT teams don't have a clear picture of which apps could be consolidated.
Scans network traffic, browser extensions, and identity provider logs to inventory every authentication event per user per day, then recommends SSO consolidation priorities ranked by fatigue reduction impact and implementation effort.
Freemium - free audit report, paid subscription for ongoing monitoring and remediation tracking
The Reddit thread validates real frustration — 180 upvotes and 105 comments is strong signal. MFA fatigue is a genuine daily annoyance for knowledge workers. However, it's a 'chronic ache' not an 'acute emergency' — IT directors feel it through helpdesk volume and complaints but rarely escalate it to budget-level priority unless tied to a security incident or compliance audit. The pain is real but diffuse.
TAM estimate: ~150K organizations globally with 200-5000 employees that have an IT team and 50+ SaaS apps. At $500-2000/month, that's roughly a $1-3B addressable market. Realistic SAM for a startup is much smaller — maybe $50-100M in the first few years targeting US mid-market. Decent but not massive. The segment above 5000 employees is already served by Axonius/Productiv; below 200, there's rarely a dedicated IT buyer.
This is the weak link. IT directors absolutely want this information, but many would expect it as a feature within their existing IdP (Okta, Azure AD, JumpCloud) or SaaS management tool — not as a standalone purchase. The free audit report is a strong lead gen hook, but converting to paid ongoing monitoring requires proving continuous value beyond the initial 'aha' moment. Budget often comes from security, not productivity — you'd need to frame this as a security tool to unlock budget.
Mixed. Reading IdP logs (Okta, Azure AD, Google Workspace) via APIs is very feasible. Building a browser extension for auth event tracking is moderate effort. But 'scanning network traffic' is a hard problem — it requires an agent or proxy, raises privacy concerns, and is operationally complex to deploy. A solo dev can build an MVP in 4-8 weeks that integrates with 2-3 IdPs and ingests their logs, but the full vision (network scanning, browser extension, comprehensive coverage) is a 6-12 month effort. The MVP must be scoped very carefully.
Clear gap exists. Every competitor approaches from security risk or cost optimization. Nobody is quantifying authentication fatigue per user, mapping daily auth events, or ranking SSO consolidation by employee productivity impact. The 'fatigue reduction score' is a genuinely novel angle. However, the gap exists partly because buyers haven't clearly demanded this framing — you'd be creating a category, which is both an opportunity and a risk.
SaaS sprawl is ongoing — new apps appear monthly, employees leave and join, SSO configurations drift. There's a natural reason to monitor continuously. The remediation tracking angle (are we actually consolidating?) adds stickiness. Risk: some buyers might only want the one-time audit, not ongoing monitoring. You'd need to continuously surface new insights to justify the subscription.
- + Unique angle — 'authentication fatigue' framing is unoccupied by incumbents who all focus on security/cost
- + Strong bottom-up pain signal validated by real user complaints (Reddit thread + common sysadmin frustration)
- + Freemium audit report is an excellent wedge — low friction, immediate value, natural upsell
- + Natural expansion path from audit tool to ongoing SaaS governance platform
- + Compliance tailwinds (SOC 2, cyber insurance) create forcing functions that make IT directors act
- ! Feature-not-product risk: Okta, Microsoft Entra, or JumpCloud could ship an 'SSO coverage dashboard' and eliminate the standalone need overnight
- ! Willingness to pay for 'productivity' framing is unproven — may need to reposition as security/compliance to unlock real budgets
- ! Network traffic scanning is technically complex, privacy-sensitive, and may require enterprise deployment that conflicts with the self-serve model
- ! Category creation risk: if no buyer has budget line for 'auth fatigue reduction,' you're selling into undefined budgets
- ! Mid-market IT teams (200-1000 employees) are notoriously hard to sell to — long sales cycles, small budgets, limited headcount to evaluate tools
Discovers all SaaS apps employees use by analyzing email and OAuth grants, maps SSO coverage gaps, and provides a path to consolidation. Focuses on shadow IT discovery and SaaS governance.
SaaS management platform that discovers apps via SSO logs, browser extensions, expense data, and integrations. Provides license optimization, workflow automation, and offboarding.
Cyber asset management platform that aggregates data from hundreds of sources to inventory all devices, users, SaaS apps, and cloud instances. Identifies security coverage gaps including SSO enrollment.
SaaS security platform focused on discovering all SaaS usage
SaaS intelligence platform that measures actual application engagement to optimize spending, inform renewals, and guide IT portfolio decisions including SSO rollout prioritization.
IdP-connected audit report. Integrate with Okta and Azure AD/Entra ID APIs only. Pull all app assignments, SSO vs. non-SSO status, MFA method per app, and login frequency per user over 30 days. Generate a one-page 'Authentication Fatigue Score' per org with a ranked list of top 10 apps to consolidate via SSO, scored by (login frequency × number of affected users) / (estimated SSO integration effort). Deliver as a PDF report from a simple web app. No browser extension, no network scanning — just IdP log analysis. Ship in 4-6 weeks.
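A sketch of the ranking step described above, added here as an illustration and not taken from any existing product. The event tuple layout, the 1-5 effort scale, the default effort for unknown apps, and the sample data are all assumptions; "login frequency" is read as mean direct (non-SSO) logins per affected user per day.

```python
from collections import defaultdict

WINDOW_DAYS = 30

# Constructed sample: one (user, app, authenticated_via_sso) tuple per login.
EVENTS = (
    [("alice", "wiki", False)] * 60 + [("bob", "wiki", False)] * 30
    + [("alice", "crm", False)] * 90
    + [("bob", "hr", True)] * 40 + [("carol", "hr", False)] * 10
    + [("carol", "legacy-erp", False)] * 20
)
# Hypothetical effort estimates: 1 (toggle SAML) to 5 (custom integration).
EFFORT = {"wiki": 1, "crm": 3, "hr": 2}
DEFAULT_EFFORT = 5  # assumption: apps with no estimate are treated as hard


def rank_consolidation(events, effort, window_days=WINDOW_DAYS, top_n=10):
    """Rank apps by (login frequency x affected users) / integration effort."""
    logins = defaultdict(int)
    users = defaultdict(set)
    for user, app, via_sso in events:
        if via_sso:
            continue  # SSO logins add no separate prompt, so they are not counted
        logins[app] += 1
        users[app].add(user)

    ranked = []
    for app, total in logins.items():
        affected = len(users[app])
        freq = total / affected / window_days      # direct logins per user per day
        cost = max(effort.get(app, DEFAULT_EFFORT), 1)  # guard against zero effort
        ranked.append({
            "app": app,
            "affected_users": affected,
            "logins_per_user_day": round(freq, 2),
            "score": round(freq * affected / cost, 2),
        })
    # Highest score first; app name breaks ties so the output is deterministic.
    ranked.sort(key=lambda r: (-r["score"], r["app"]))
    return ranked[:top_n]


if __name__ == "__main__":
    for row in rank_consolidation(EVENTS, EFFORT):
        print(row)
```

An app such as `hr` in the sample, which has both SSO and direct logins, still appears in the ranking: the direct logins point to local accounts that bypass the IdP and are worth reviewing separately.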
Free one-time audit report (gated by email, requires IdP read-only connection) → $299-599/month for continuous monitoring, drift alerts, and remediation tracking → $999-1999/month for multi-IdP support, compliance reporting, and executive dashboards → Enterprise tier with API access, custom integrations, and dedicated support
8-12 weeks to first paying customer. Weeks 1-5: build MVP with Okta/Entra integration. Weeks 5-7: generate 20-30 free audit reports via sysadmin communities (Reddit r/sysadmin, HN, IT Slack groups). Weeks 7-10: follow up with report recipients who have the most painful findings. Weeks 10-12: close first $299-599/month subscriber. Revenue will be slow initially — expect $2-5K MRR by month 6 if execution is solid.
- “every single system requires an individual login, nothing synced with single sign-on”
- “some require RSA, some require M$ authenticator, some need a password, others need a passcode”
- “everything times out if not used for 10 minutes”
- “log back into that with 2FA and then log back into all of the individual apps”