YC F25 Startup Multifactor Raises $15M Seed Round to Make Online Accounts Safe for AI Agents
Nexus Venture Partners leads round as demand surges for provably secure, shareable access to online accounts
SAN FRANCISCO, Dec. 4, 2025 /PRNewswire/ — Multifactor, the post-quantum security platform enabling the safest access to online accounts for both humans and AI agents, today announced it has raised $15 million in seed funding. The round was led by Nexus Venture Partners, with participation from Y Combinator, Taurus Ventures, Honeystone Ventures, Flex Capital, Pioneer Fund, Ritual Capital, Liquid2 Ventures and leading operators across security, AI and enterprise software including Mohan & Padma Warrior, Gokul Rajaram and Mathilde Collin.
The fundraise follows strong early demand for Multifactor’s first-of-its-kind technology that allows anyone to share online account access without exposing underlying credentials. Multifactor’s unique approach replaces the need for traditional password managers, turning any online account into a shareable ‘read-only’ link in the same manner to how Google Docs can be shared for viewing or editing. With Multifactor, banking platforms, email, calendars, social accounts, and enterprise systems can all be turned into a secure, revocable, one-click access link for use by humans or AI that never reveals underlying passwords or credentials. Permissions can be set to read-only, restricted by feature, or even limited by dollar amount, offering maximum ease and convenience. All activity is audited and recorded with cryptographic signatures, and is protected through Multifactor’s mathematically unbreakable, post-quantum security technology.
Founded by Ph.D. computer scientist and former CIA officer Vivek Nair, and Ph.D. mathematician and cryptographer Colin Roberts, Multifactor was built in response to a growing class of security risks created by the rapid rise of agentic AI. For AI agents, Multifactor provides a provably safe execution environment that prevents prompt injection, password theft, confused-deputy attacks, and the growing category of cross-agent hijacking incidents. Access is entirely capability-based: agents can only see or modify what the user has granted in advance.
“Passwords were never built for the agentic era, and they’re becoming the most fragile link in modern security,” said Vivek Nair, CEO and co-founder of Multifactor. “People aren’t going to hand AI agents the keys to their calendars, finances, or business systems unless they have complete confidence nothing will go wrong. Multifactor is the easiest, safest, and most verifiable way to collaborate with both humans and AI with security guarantees that are mathematically unbreakable.”
