After watching Edward Snowden’s movie, Son began to care more about his privacy. He thought that, in order to avoid getting tracked, he needed different identities on each site he signed up. That’s how he came up with SimpleLogin’s idea, an open-source service that protects users’ privacy via email aliases. He left his job and began bootstrapping the SaaS which, nowadays, makes $3k/mo.
Hey! My name is Son - 34 years old. I'm the founder of SimpleLogin, an open-source service to protect our privacy via email aliases. Currently, at $3000 MRR SaaS, our revenue continues to grow steadily.
Our team is based in France. At the moment I’m mostly focused on the backend and started to learn about the marketing/communication side.
Our business model is based on subscriptions - $30/year or $3/month. There’s also a free tier that should be enough for most users. The project is fully bootstrapped and we haven’t taken any investment.
I never cared much about my privacy because, like most people, I have nothing to hide. Last year I watched the Edward Snowden movie (that I strongly recommend) and realized that privacy actually matters and its effect is more concrete than I thought. If we don’t take our privacy seriously, we are going to be manipulated by big companies and politicians. And don’t count on the government to protect our privacy - even if you live in Europe.
As a heavy Gmail user, I realized that my Gmail has become my online identity. In order to not be tracked, I need to have as many identities as possible and why not a different identity for each website. SimpleLogin is then created as a solution to easily create a different identity.
I have started several adventures in the past but never felt enough motivation or the need to focus 100% of my time. But for SimpleLogin, for the first time several conditions were met: 1) This is a product that I use every day; 2) The market potential is big (password managers like Dashlane and 1Password have recently raised more than $100M) - more people care about their privacy; 3) It’s technically complex - as a developer, I get bored if there’s no tech challenge.
I decided then to quit my job at the time to focus on SimpleLogin. This wasn’t an easy decision: I was leading a software team back then, was well paid, and loved the people there.
By that time, I was very impressed by some companies who favor transparency and high ethical standards like Basecamp, Sentry, and Baremetrics, and set out to build SimpleLogin based on these principles.
In the beginning, I was obsessed with the idea of creating a single sign-on button (think “Login with Facebook” but does respect your privacy) that created a different email every time you used it. I worked day and night on this idea and was finally able to create an identity provider that fully supported OAuth2/OpenID Connect, the standard for single sign-on providers.
Then in June 2019, Apple released the “Sign in with Apple” in WWDC 2019 which was basically the same product. When I saw the announcement, I didn’t know what I should feel. Competing with Apple is hard, especially when Apple has the power to force every app to implement its login button. At the same time, this is market validation: a login button that protects our email address is much needed and that’s why Apple takes a direct fight against Facebook, Google, Twitter.
As time moves on, it becomes obvious that becoming an identity provider is a chicken-and-egg problem: without a lot of apps adding our button, people wouldn’t know about SimpleLogin and without a lot of users, no app would want to add our button. I decided to do a pivot: focusing on the email part and putting the single sign-on on hold.
Since the beginning, SimpleLogin has been fully open-source. It seems scary at first as anyone can just “steal” your code but it turns out to be one of the best decisions I made. Without being transparent, I wouldn’t have received valuable feedback from early-adopters, those who believe in the product and were willing to spend a lot of their time helping out!
Later on, 3 more people joined the project on a part-time basis. We made iOS/Android apps, Chrome/Firefox extensions, created the landing page, etc. The server part was also greatly improved so it can be self-hosted along with advanced features like PGP, WebAuthn, etc. And because the code is open-source, some features are actually created by our users.
I launched via different websites (HackerNews, BetaPage, etc) but these were never a real success. I guess the product wasn’t explained well enough or the timing was bad. Our growth is until now organic and mostly via word-of-mouth. As we offer the premium plan to students for free, it’s possible that they have helped spread the word. But I’ve never verified this hypothesis :).
The pricing is kept extremely simple: the free plan should be enough for basic use and the premium plan is for advanced use. Both plans have no limit in terms of bandwidth or number of forwarded emails: everyone should be able to protect their email address for free.
Being a beginner in marketing/communication, I’ve been focused on the only thing I know which is content writing, and have tried to write as much as I can about the findings when working on SimpleLogin or technical challenges. These posts are quite technical and targeted at tech-savvy people. In the beginning, I posted on dev.to (a developer-focus blogging platform), then I moved to our own blog.
Some users suggested we get in touch with “influencers” in the field of online privacy. I did and SimpleLogin received highly positive reviews from Techlore (100K subscribers on Youtube), Michael Bazzell (author on security/privacy books), etc. These podcasts, videos, or blog posts generated traction and we can see the traffic peaking at the publication.
Currently, we are experimenting with a referral program. The result seems promising.
We don’t have any traction when launching a Hacker News show post - I don’t have any explanation because similar products have acquired a lot of interest from this community in the past. I guess the timing of the post matters a lot and my advice is to make sure to delete your post immediately when you don’t see any upvote in the next 15-30 minutes. This way you can choose another moment to launch.
We plan to launch on Product Hunt soon. Hopefully, it’s going to be better than the HN one.
Today we have stable but not explosive growth. Our MRR is at around $3000/month and we are going to hit the 1000 subscriber milestone soon. We don’t have any intention to go big (or go home) - I like to keep the growth in control.
At the moment, I’m looking for a partner who can take care of the marketing/communication side so I can focus 100% on the product/tech. Not a lot of marketing folks know about the privacy field so please ping me if you know someone who might be interested :).
We also started to study how to make a similar product for credit cards and phone numbers. These are not easy as they are country-specific so we are going to probably target a specific country/region in the first version.
My main takeaway since starting SimpleLogin has been to focus on the product and don’t rush it. Release early is good but there’s a line between viable (as in MVP) and unusable.
You probably heard that already a thousand times but let me repeat it: talk with customers. That’s the only way to learn how people use the product and improve it. One way to get in touch with users is to send transactional emails from a real address (and not a no-reply one) so anyone can just reply to talk with you.
Another lesson I learned is to ignore haters. There are always people who somehow hate you and your product so much. Ignore those, don’t fight back, and just move on.
I’ve been extremely lucky to have people around who don’t care or understand about SimpleLogin but are willing to support me nonetheless. Having support is important as there were low moments where it felt there was no outcome for the product.
One challenge SimpleLogin faced until now is the comparison with a very similar service that was launched just before us. Both products share a lot in common. It’s just tiring for us to be constantly compared, especially when SimpleLogin is still in beta. Now it becomes clear that SimpleLogin isn’t a copycat and offers a different set of features so the comparison is less frequent.
The biggest mistake I made was to spend too much time building the single sign-on service without taking enough time to talk with app owners - those who would add our button in their apps. This is a classical mistake where the idea seemed so brilliant to us that it was hard to question it.
Our biggest challenge at the moment is to explain why our product is needed. Most people consider privacy-focused products as difficult to use and are not willing to give them a try. Password managers had the same issue back then and hopefully, email aliases will become more mainstream in the future.
For taking payments, I recommend using Paddle if you want to target the global market. TVA-compliancy is hard and it takes a lot of time to do that right. Paddle takes more commission than Stripe but 10% of revenue at the beginning doesn’t make much difference. Their documentation is also inferior than Stripe but fortunately, there isn’t much to do in terms of integration. Ping me if you need any help integrating Paddle.
If your product targets a nid, make sure to spend enough time on the related Reddit community (aka subreddit). You will learn a lot about your potential users, the terminology they use, what they care about, etc. You can also ask them for feedback on an early version - just make sure to be sincere and don’t try to convert people to paying customers at that point. If they like your product, they’ll be willing to pay. I prefer Reddit at the beginning than Twitter as the Reddit community seems to be more constructive.
If you’re new to email aliases and want to try out SimpleLogin, I’d recommend starting with our Chrome/Firefox extension - they are easy to use and handful when you sign up for a lot of newsletters or try out different software.