We performed a comparison between BeyondTrust Password Safe and LastPass based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Amazon Web Services (AWS), HashiCorp and others in Enterprise Password Managers."The solution protects organizations from internal and external threats."
"The product has improved security and login due to the system recordings. In case, there is a doubt that someone has done something which they shouldn't have been doing, we can just go back and check what the user actually did."
"The CI/CD and REST API are also satisfactory; the solution has a full PAM feature set and they all work well."
"Its number one feature is discovery. The discovery engine in BeyondTrust is off the charts. When they perform a discovery, you know everything there is about a server, including what software is installed. For example, if you want to group all of your database servers together, you can do that by using discovery and Smart Rules. If a server has Microsoft SQL installed, it gets put into a group based on a Smart Rule. It makes it very easy to determine what is what in your environment. As organizations grow or acquire other companies and merge, they lose track of what they have. BeyondTrust can help you throw a rope around it very rapidly."
"BeyondTrust Password Safe has good reporting and Smart Rules which makes it convenient. Though Smart Rules are convenient, those who do not have much experience with such things may find it difficult to understand how these things work. Otherwise, I find Smart Rules very convenient to work with."
"It simplifies your compliance and tracking to benchmark other credentials and analytics."
"One of the most valuable features is that this is a product designed with enterprises in mind."
"Smart Rules is a nice feature in BeyondTrust. It is a unique feature that BeyondTrust has as compared to other vendors such as CyberArk. With Smart Rules, you can do automatic onboarding of accounts. There are a lot of options and features. For example, you can do onboarding based on different AD attributes. It is a nice feature in BeyondTrust that some of the other PAM vendors don't have. With other vendors, we have to create our own scripts, whereas, with BeyondTrust, we can just use the in-built Smart Rules."
"It's improved security; we don't have to worry about people storing password loosely and secure them."
"Scalability is fine, no issues with that, especially now that they have added different user-level permissions. That has made it a lot easier to delegate out certain features to have other people do."
"The stability has been rock solid. A couple of years ago, they were breached. However, if you had two-factor authentication enabled, it didn't affect you. We did, so it has been good."
"The initial setup for this process is straightforward and extremely easy. It just works."
"One feature that is really important to us is the ability to create secure notes."
"Off-boarding of people is easy without changing shared account passwords."
"Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
"The most valuable feature is the liberty of keeping encrypted passwords and elevated information in a sealed vault."
"When we deploy BeyondTrust, we have to deploy our own database on a SQL server. It doesn't deploy the database. I wish BeyondTrust packages the whole solution in one and includes the MySQL database so that when you deploy it, it deploys everything for you. BeyondTrust gives you the software, but you are in charge of setting up your own database. It is a single appliance just for the BeyondTrust portion but not the database. Unless that has changed in later releases, you have to set up your own database for BeyondTrust Password Safe. I find that part complex because we then need the expertise and help of the database team to set it up, which also increases the deployment time. If they can deploy the database, it will reduce the deployment time."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"Its documentation can be improved. Its documentation is currently complicated, and it is not good. It needs to be better. Their technical support can also be improved. It is not bad, but it can be better."
"The only feature they could improve is the banners because they aren't informative. For example, if something is not correct and I open the error notification, the dialogue box simply says, "This is an error." It would be great if they could provide some valuable comments about how to fix the errors."
"The integration with Secure Remote Access must be improved."
"We'd like to have incremental backups to ensure the solution's information is protected regularly."
"The product needs to have better integration with SAP products."
"Our biggest issue over the years was around the stability of the LDAP sync to AD."
"We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine."
"Its user interface should be better, and there should probably be more information about scalability."
"The management through the plugin is poor. It consumes tons of client resources especially as an administrator."
"Right now we have two products; there is the password manager and there is the authenticator app. Ideally, these should be fully integrated and support better handling of two-factor authentication or any other authenticator data."
"I would like to be able to reduce the log out time of the session."
"It is not super feature laden. It does not stand out versus the competition."
"One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself."
Earn 20 points
BeyondTrust Password Safe is ranked 5th in Enterprise Password Managers with 19 reviews while LastPass is ranked 17th in Enterprise Password Managers. BeyondTrust Password Safe is rated 7.6, while LastPass is rated 7.4. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of LastPass writes "Straightforward to set up, good support, intuitive to use, and offers good value for the cost". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, BeyondTrust Privileged Remote Access, CyberArk Enterprise Password Vault and Delinea Secret Server, whereas LastPass is most compared with Azure Key Vault, HashiCorp Vault, Keeper, CyberArk Enterprise Password Vault and OneLogin by One Identity.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.