Meldium was a Seattle-founded, Y Combinator-backed startup that built a single sign-on (SSO) and team password manager for small and medium-sized businesses. Founded in August 2012 by three veterans of Amazon and Microsoft, the company launched publicly in February 2013 and was acquired by LogMeIn for approximately $15 million in September 2014—just 25 months after founding. Meldium's story is not a conventional startup failure. The product worked, customers paid for it, and the team exited cleanly. The company's end came not from market rejection but from a portfolio decision: when LogMeIn acquired LastPass for $110 million in October 2015, Meldium became redundant within its new parent's identity management strategy. LogMeIn folded Meldium's capabilities into LastPass and retired the standalone product in July 2017. The Meldium story is a case study in building a credible SMB infrastructure product, executing a successful acqui-hire, and being absorbed by a larger sibling—a pattern common among YC-era enterprise tooling companies.
Meldium was incorporated in August 2012 in Seattle by three technologists with unusually deep enterprise credentials for a YC-era startup.[1] Boris Jabes had spent seven years as a Senior Program Manager at Microsoft's tools group before leaving in June 2012.[2] Anton Vaynshtok and Bradley Buda were both Amazon alumni.[3] TechCrunch noted at launch that the founders were "on the older side in terms of Y Combinator founders"—a distinction that reflected their seniority and shaped their product instincts.[4]

The founding insight was personal and direct. Having worked inside large technology organizations with mature identity infrastructure, the founders were struck by the contrast when they observed smaller companies managing shared credentials through spreadsheets and informal password-sharing. The gap between enterprise-grade security and the ad hoc methods used by startups and SMBs was the problem they set out to close. As Jabes put it: "We realized there has got to be some solution for people who can't spend $100 million on an IT organization, but still need more control over their app administration."[5]
The founders demonstrated notable discipline before taking outside money. Founders' Co-op General Partner Chris DeVore offered to invest in Meldium multiple times throughout 2012, but the team declined each time, preferring to validate the problem before accepting capital.[6] This restraint—unusual for first-time founders, let alone experienced operators—signaled a team that understood the difference between a real problem and a fundable pitch.
The company joined Y Combinator's Winter 2013 batch in January 2013, which provided the structure and network for a public launch the following month.[7] The investor vision for Meldium extended well beyond password management. DeVore later wrote that the company's thesis was "rooted in a broader thesis about an open federation layer for enterprise SaaS users and data"—suggesting the founders had ambitions that the product's SMB positioning only partially expressed.[8]
Meldium's core product was a team password manager and single sign-on dashboard designed for companies that used multiple cloud applications but lacked the IT infrastructure to manage access centrally. The problem it solved was concrete: when an employee joined or left a company, administrators had no reliable way to grant or revoke access to dozens of SaaS tools simultaneously. Shared passwords lived in spreadsheets. Offboarding meant manually changing credentials across every platform. Meldium replaced that chaos with a centralized control layer.

The product worked in two layers. Administrators used a web dashboard to add cloud applications and enter the credentials for each. Employees then installed a browser extension—available for Chrome and Firefox—that gave them a personal "launchpad" of apps they had been provisioned access to.[17] Clicking an app icon in the extension triggered an automatic login: the extension filled in the credentials and submitted the form without the employee ever seeing the underlying username or password.
That last detail was the product's most important security property. Meldium used a split cryptographic architecture in which credentials entered by an admin could be used to authenticate but could not be extracted by rank-and-file users. As co-founder Bradley Buda explained: "With this cryptography, the only thing that can come back out is the logged in account, not the credentials themselves."[18] This addressed a genuine enterprise concern—shared passwords that employees could copy and retain after leaving—in a package lightweight enough for a 20-person startup to deploy without an IT department.
The product scaled its app coverage aggressively. At launch in February 2013, Meldium supported approximately 150 apps including GitHub, Salesforce, Box, MailChimp, and Google Apps.[9] By July 2013, that number had grown to over 700.[11] By the time of the LogMeIn acquisition in September 2014, Meldium supported approximately 1,500 cloud apps including Dropbox, HubSpot, WordPress, Zendesk, Asana, Trello, Evernote, JIRA, and Rackspace.[19] This tenfold expansion in 19 months reflected active product investment and a clear understanding that app coverage was a key adoption driver.
The browser extension requirement was a meaningful constraint. Enterprise IT environments often standardize on a single browser—frequently Internet Explorer at the time—and Meldium's Chrome-and-Firefox-only support created a compatibility gap for larger organizations. For the SMB market Meldium was targeting, this was less of an obstacle, but it represented a ceiling on upmarket expansion.
The product's features included shared passwords, account provisioning, and SSO for SaaS applications.[20] The investor thesis, as articulated by Founders' Co-op, pointed toward a broader ambition: an open federation layer for enterprise SaaS that would go well beyond password management.[8] The product as shipped was a credible first step toward that vision, but the company was acquired before it could pursue the larger opportunity.
Meldium targeted small and medium-sized businesses—specifically companies large enough to use multiple cloud applications but too small to afford enterprise identity management infrastructure. The pricing structure made this explicit: free for teams under five people using up to ten apps, scaling to $29 per month for up to 20 users, $79 per month for up to 100 users, and $199 per month for up to 250 users with unlimited apps.[21] The $199/month ceiling for 250 users positioned Meldium firmly in the SMB tier—accessible enough for a 10-person startup, affordable enough for a 200-person growth-stage company.
The product's design reflected this target. There was no sales team required, no lengthy implementation, and no enterprise procurement process. An admin could sign up, install the extension, and begin provisioning apps within minutes. The founders' own experience at Amazon and Microsoft gave them credibility with technical buyers, but the product was deliberately built for non-technical administrators.
The identity and access management (IAM) market was growing rapidly in 2013 as cloud application adoption accelerated. The proliferation of SaaS tools—each with its own login—created a credential management problem that scaled with company size. Every new hire needed access to a dozen or more applications; every departure required revoking that access. For companies without dedicated IT staff, this was an unsolved operational problem.
The founders' investor thesis framed the opportunity as larger than password management alone: a federation layer that could sit between employees and the entire SaaS ecosystem. That framing pointed toward a market that would eventually be valued in the tens of billions, encompassing identity providers like Okta, password managers like LastPass and 1Password, and privileged access management tools. In 2013, however, the SMB segment of that market was underdeveloped—large enough to build a business, but not yet the priority for the major enterprise IAM vendors.
Meldium operated in a space with competitors at multiple price points and capability levels. At the enterprise end, Okta and OneLogin offered full-featured identity platforms with SAML-based SSO, user lifecycle management, and deep Active Directory integration—but at price points and implementation complexity that put them out of reach for most SMBs. At the consumer end, LastPass and 1Password offered personal password management with some team features, but without the centralized provisioning and cryptographic separation that Meldium provided.
Meldium's direct competitive set in 2013 included Passpack, Shibboleth, and early versions of LastPass for Teams. The company's differentiation was the combination of SMB-friendly pricing, a clean user experience, and the security architecture that prevented credential extraction. The browser extension model was common across this category, which meant Meldium's friction point was shared by most competitors.
The competitive landscape shifted materially after the acquisition. LogMeIn's purchase of LastPass in October 2015 for $110 million brought a product with far greater brand recognition, a larger user base, and a more established market position into the same portfolio as Meldium.[13] At that point, Meldium's competitive position became irrelevant—it was no longer competing in the market but surviving within a corporate portfolio decision.
Meldium operated a freemium SaaS model with a tiered subscription structure. The free tier—supporting up to five users and ten apps—served as a top-of-funnel acquisition mechanism, allowing small teams to experience the product before hitting a paywall. Paid tiers scaled by team size: $29 per month for 20 users, $79 per month for 100 users, and $199 per month for 250 users with unlimited app coverage.[21]
The model was designed for self-serve adoption. There is no evidence of a direct sales motion or enterprise contracts. Revenue came from recurring monthly subscriptions, with natural expansion potential as customer headcount grew through the pricing tiers. The $199/month ceiling for 250 users implied an annual contract value of approximately $2,400 for the largest SMB customers—a figure that would require a large number of accounts to generate meaningful revenue. LogMeIn's explicit statement that Meldium's revenue would not materially impact its financials at acquisition confirmed that the company had not yet scaled its monetization, even if its growth trajectory was positive.[22]
Meldium demonstrated genuine early traction before its public launch. The company had paying customers before YC Demo Day, including at least one company with 250 employees—the maximum addressable by its highest pricing tier.[9] This pre-launch validation was meaningful: it indicated that the product solved a real problem for real organizations, not just early adopters experimenting with free tools.
By the time of the LogMeIn acquisition in September 2014, Jabes characterized the user base as "thousands of early-adopters."[23] Whether "thousands" referred to paying customers or included free-tier users is ambiguous. LogMeIn's concurrent statement that Meldium's revenue would not materially impact its financials suggests the paying customer count was in the hundreds rather than thousands, or that average contract values were low enough to keep total ARR modest.[22]
LogMeIn explicitly praised Meldium's growth rates at the time of acquisition, which implies the trajectory was positive even if the absolute numbers were small.[22] The team remained fewer than 10 employees through acquisition,[24] suggesting either deliberate capital efficiency—the company had raised only approximately $1 million total[25]—or a go-to-market motion that had not yet scaled beyond the founding team's direct network. The product's app coverage growth from 150 to 1,500 in 19 months is the clearest quantitative signal of active development and product investment during this period.
Meldium's story does not fit the conventional startup failure template. The product worked. Customers paid for it. The team exited for $15 million in 25 months on $1 million raised. The company's end was not a market verdict—it was a portfolio rationalization by an acquirer who subsequently bought a larger competitor. Understanding what happened requires separating the company's independent trajectory from the decisions made by LogMeIn after the acquisition.
LogMeIn's September 2014 acquisition of Meldium was a genuine strategic purchase, not a distressed exit. LogMeIn CEO Michael Simon called Meldium "one of the most elegant, intuitive SSO solutions on the market today" and framed the deal as filling a gap in LogMeIn's IT management portfolio.[26] The $15 million price—paid in cash, with a portion tied to performance and retention—represented a strong return on the approximately $1 million the company had raised.[12] All three founders and all employees joined LogMeIn's San Francisco office, confirming that the team was as valued as the technology.[27]
Jabes framed the acquisition in terms of shared vision: "In LogMeIn, we have found a team that shares our vision of a cloud-centric workplace and our belief in creating simple and elegant tools for small-and-medium businesses."[23] The acquisition gave LogMeIn an SMB SSO capability it lacked, and gave Meldium's team resources and distribution that the company could not have built independently on $1 million in funding.
The decisive event in Meldium's retirement was not anything the Meldium team did or failed to do. On October 9, 2015—13 months after acquiring Meldium—LogMeIn announced the acquisition of LastPass for $110 million.[13] LastPass was, by that point, the dominant consumer and SMB password manager by brand recognition and user base. It had a product that overlapped substantially with Meldium's core functionality.
LogMeIn's announcement was explicit about the implications: the company planned to fold Meldium's capabilities into LastPass and consolidate around a single identity management brand.[13] This was a rational portfolio decision. Maintaining two competing products in the same category—one with a small but growing user base, one with an established brand and large installed base—would have required duplicating engineering, marketing, and support resources. LastPass was the obvious survivor.
The retirement announcement came in May 2017, approximately 19 months after the LastPass acquisition.[14] The product was fully shut down in July 2017.[15] Meldium's customers were directed to migrate to LastPass. The gap between the LastPass acquisition announcement (October 2015) and the Meldium retirement announcement (May 2017) suggests LogMeIn took time to integrate LastPass's team features before pulling the plug on Meldium—a reasonable sequencing, though it left Meldium customers in an extended period of uncertainty.
While Meldium's exit was successful by startup standards, the company's pre-scale revenue position meant it had limited leverage in the acquisition and no independent path to survival if LogMeIn chose to retire it. LogMeIn's explicit statement that Meldium's revenue would not materially impact its financials[22] was a candid acknowledgment that the company was being acquired for its technology and team, not its revenue base.
A larger Meldium—with, say, $5 million in ARR and a clear enterprise sales motion—might have been harder to retire. It would have had a customer base large enough to create meaningful migration friction for LogMeIn, and a revenue contribution that would have made the retirement decision more costly. Instead, Meldium's "thousands of early-adopters" and modest ARR made it easy to absorb into LastPass without significant financial consequence.
The pricing ceiling of $199 per month for 250 users was a structural constraint on revenue growth. Even with strong customer count growth, the maximum annual contract value per customer was $2,400. Reaching $1 million in ARR would have required over 400 paying customers at the top tier—achievable, but requiring a go-to-market investment that the company's $1 million in total funding could not fully support.
Meldium's product required a Chrome or Firefox browser extension for its core functionality.[17] In 2013 and 2014, this was a reasonable technical choice—browser extensions were the standard mechanism for password manager integrations. But it created a meaningful friction point for enterprise sales cycles, where IT departments often controlled browser deployments and were cautious about third-party extensions with access to login credentials.
For the SMB market Meldium was targeting, this friction was manageable. Most small companies did not have browser standardization policies. But as Meldium's ambitions extended toward larger organizations—the "open federation layer" thesis implied enterprise-scale deployment—the extension dependency would have become a harder obstacle. The company was acquired before it had to solve this problem, but it represented a genuine ceiling on the product's upmarket potential.
The retention-based component of the $15 million acquisition price[12] meant that the founders' financial outcomes were tied to staying at LogMeIn, not to Meldium's continued growth as an independent product. Once inside LogMeIn, the founders' incentives were to deliver value within the larger organization—not to advocate for Meldium's survival as a standalone product against a $110 million acquisition that LogMeIn's board had approved.
This is not a criticism of the founders' choices. The acqui-hire structure is standard, and the founders had no control over LogMeIn's decision to acquire LastPass. But it illustrates a structural feature of acqui-hire exits: the acquiring company's subsequent strategic decisions can render the acquired product redundant regardless of its quality, and the founders have limited recourse once they are employees rather than independent operators.

Founder experience compounds into product credibility. Meldium's founders brought seven-plus years of enterprise identity management experience from Microsoft and Amazon directly into their product decisions. The cryptographic architecture that prevented credential extraction was not a feature a first-time founder would have prioritized—it came from people who had seen enterprise security requirements up close. For infrastructure products targeting technical buyers, domain expertise is a durable competitive advantage that shows up in product quality and customer trust.
Freemium pricing with a low ceiling limits revenue leverage at acquisition. Meldium's $199/month maximum price point was appropriate for SMB customer acquisition but created a structural constraint on ARR growth. When LogMeIn evaluated the acquisition, Meldium's revenue was explicitly described as immaterial to LogMeIn's financials. A higher price ceiling—or an enterprise tier with custom pricing—would have produced a larger revenue base, which in turn would have given Meldium more weight within LogMeIn's portfolio and made retirement more costly. Pricing decisions made at launch have long-term consequences for how acquirers value and treat a product.
Acqui-hire exits transfer product fate to the acquirer's portfolio strategy. Meldium was retired not because it failed but because LogMeIn acquired a larger competitor in the same category 13 months later. The founders had no control over that decision. This is an inherent feature of acqui-hire exits: the acquired team gains resources and liquidity, but the product's survival depends on the acquirer's subsequent strategic choices. Founders who care about their product's long-term impact should negotiate for product commitments, not just retention packages—though such commitments are rarely enforceable.
The founding team's execution quality is the durable asset. Meldium's founders went on to co-found Census, a reverse ETL and data activation platform, which was acquired by Fivetran in May 2025.[16] Two successful exits from the same founding team is a strong signal that the team's ability to identify infrastructure gaps, build credible products, and execute to acquisition is the repeatable asset—not any specific product or market. YC's investment in Meldium was ultimately an investment in the founders, and that investment compounded across two companies.
Declining early investment to validate the problem first is a signal of founder maturity. The Meldium founders turned down Founders' Co-op's investment offers multiple times throughout 2012 before accepting money in 2013.[6] This restraint—prioritizing problem validation over capitalization—produced a company that had paying customers before its public launch and a product architecture grounded in real enterprise security requirements. The willingness to delay funding in favor of learning is a discipline that most founders find difficult to maintain under social and financial pressure.