We performed a comparison between CyberArk Privileged Access Manager and Okta Workforce Identity based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"The most important feature is managing the credentials and implementing those policies which rotate the credentials. Session Manager is also key in not letting the users have access to those credentials. Instead, CyberArk actually manages everything by itself."
"Increased our insight into how privileged accounts are being used and distributed within our footprint."
"The fact that I can put my vault here in a central location on one net for example, and I'll have a CPM in California, a CPM in Texas, a CPM in New York, a CPM in Florida, and actually be able to grow with my company and not necessarily have to continue to grow my vault until I get to a certain number accounts - yet I can still manage everything across the country, if not the world - I love that. I love the flexibility and the capability of being able to pull those components out."
"Within the solution, I love the fact that everything is recorded. The configuration capabilities are great, too."
"We are able to rotate credentials and have privileged account access."
"The implementation of the PSM proxy has reduced the specific risk of "insider attacks" on our domain controllers and SLDAP servers by eliminating direct user login by an open secure connection on the user's behalf without ever revealing the privileged credentials."
"The product is for hardening access and making the organization more secure, therefore reducing chances of a breach."
"The solution can scale very well."
"It is flexible and easy to install."
"Other than Okta being an easy and awesome integration tool, one of the best features it has is the provisioning and deprovisioning, which makes management way easier. You don't need to be too technical to understand how it works."
"What I found most valuable in Okta Workforce Identity is that it worked together with VMware Workspace One, so there was this device check at the same time. My company used the trusted device method that enabled you to define that only the trusted devices including the Workspace One agent were able to access the applications directly without an additional authentication step."
"This solution has a lot of capabilities and features."
"It is a very stable solution."
"Workforce Identity offers a comprehensive access management solution with multi-factor authentication, total control, and features like app access management, identity governance, and administration tools such as certification and access request management. These are typically found in identity management solutions, but Okta integrates them seamlessly into its user interface."
"The most valuable features of Okta Workforce Identity are SSO, MFA, and beneficial feature sets."
"It can be made user-friendly, in the sense of the console is pretty outdated."
"We need a bit more education for our user community because they are not using it to its capabilities."
"Areas the product could be improved are in some of the reporting capabilities and how the reports are configured."
"The solution could improve by adding more connectors."
"Our DevOps team is looking in the direction of cloud, because we are not in it today. We are hoping to build it with Conjur from the ground up."
"The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
"The support services could act faster when people reach out to resolve issues."
"Tech support staff can be more proactive."
"A room for improvement in Okta Workforce Identity is its price. It could be cheaper. The biggest benefit of the solution is that everything works securely without extra steps, so you're saving on your workforce's time and effort because your applications work smoothly and securely, but you'd need to pay some amount of money for that. Another area that could be improved, though not necessarily regarding Okta Workforce Identity, is the SSO applications because so many of the source applications charge extra money to put the SSO to work, which means you have to buy a more expensive license. Nowadays, SSO is a mainstream functionality and it should be out-of-the-box in those applications because it's so easy to set up."
"They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time."
"The solution's user interface needs to be improved and made easy."
"The solution’s policies are difficult to understand due to the policy methods. They use authentication. The solution’s workflow is also difficult and not very active. They need to have proper documentation on it. In the next release, I would like to see the workflows being more digestible."
"The lifecycle management part can be improved. It should also have identity governance and the ability to choose a specific factor authentication at the application level. Its licensing and pricing can also be improved."
"UD attribute mapping, Okta group rules, and dynamic usage could use improvement. It also needs more in-depth functionality and features to integrate with RADIUS solutions."
"They should focus on improving them to provide top-notch team access management while still offering those typical features."
"The solution should have greater on-premises availability, not just cloud and more package customization in its processing."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while Okta Workforce Identity is ranked 3rd in Access Management with 56 reviews. CyberArk Privileged Access Manager is rated 8.8, while Okta Workforce Identity is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of Okta Workforce Identity writes "Extremely easy to work with, simple to set up, and reasonably priced ". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas Okta Workforce Identity is most compared with Microsoft Entra ID, Google Cloud Identity, SailPoint IdentityIQ, Saviynt and Cisco Duo. See our CyberArk Privileged Access Manager vs. Okta Workforce Identity report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.