We performed a comparison between CyberArk Privileged Access Manager and OneLogin by One Identity based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its' quite stable."
"The credentials management capability is key to ensuring that the credentials are kept secure and that access to them is done on a temporary and event-driven basis."
"For a while, there were individual IDs having privileged access. We wanted to restrict that. We implemented the solution so that it can be more of internal control. We can have session recordings happening and reduce our attacks."
"Their legacy of more than 20 years is very valuable. It brings a lot of stability to the product and a wide variety of integration with the ecosystem. Because of these factors, it has also been very successful in deployment. So, the legacy and integration with other technologies make the PAM platform very stable and strong. In terms of features, most of the other vendors are still focusing just on the privileged access management or session recording, but CyberArk has incorporated artificial intelligence to make PAM a more proactive system. They have implemented threat analytics into this, and there is also a lot of focus on domain controller production, Windows Server protection, and stuff like that. They have also further advanced it with the security on the cloud and DevOps systems. They have a bundle licensing model, which really helps. They don't have a complex licensing model. Even though in our market, people say CyberArk is expensive as compared to some of the other products, but in terms of overall value and as a bundling solution, it is an affordable and highly scalable product."
"Password rotation, session recording & isolation and on-demand privileges."
"We know when passwords will be expiring so we can force users to change their passwords, as well as requiring specific password requirements for length, complexity, etc."
"We like it for the ability to automatically change passwords. At least for my group, that's the best thing."
"On the customer accounts side, our account managers are responsive. If you ask them, they will get you whomever you need."
"When it comes to access management, the solution's single pane of glass is extremely important. The single pane of glass for access management enables collaborative work between IT and security. We have access to certain applications that require device trust. Based on the role, we can access those applications through OneLogin Desktop."
"Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
"The single sign-on and the fact that we can integrate everything in one place and control from there were valuable features of this solution."
"The most valuable feature is the ease with which we can manage the sign-on feature."
"The solution allows the user to search logs based on a specific time."
"Simplicity is the most valuable part of OneLogin."
"Documentation."
"In my role, the most valuable features are two-factor authentication and self-service password reset. The most helpful feature for the institution as a whole is probably the single sign-on. As an IT director, I care about security and ease of use."
"I don't know if "failed authentication" is a glitch or if that was an update... However, since we are the CyberArk support within our organization, we need to know that the password is suspended and we won't know that unless we have the ITA log up. So when a user calls and says, "Hey, I'm locked out of CyberArk, I can't get into CyberArk," we have to go through all of these other troubleshooting steps because the first thing we don't think of right now is, "The account is suspended." It doesn't say that anymore."
"We had an issue with the Copy feature... Apparently, in version 10, that Copy feature does not work. You actually have to click Show and then copy the password from within Show and then paste it. We've had a million tickets and we had to figure out a workaround to it."
"As they grow, the technical support is having growing pains. One of the things is just being able to get somebody on the phone sometimes."
"If there is an area that has room for improvement, it's probably working with their support and getting people on the phone. That is hard to do with most products in general, but that seems to be the difficult area. The product is fantastic, but sometimes we want somebody on the phone."
"One thing that could be improved is to create of a better alternative for fixing group policy fees. We currently use Microsoft, but they have introduced new policies that may not be compatible."
"We would, of course, always prefer it if the pricing was cheaper."
"Make it easier to deploy."
"There is a lot of room for improvement in the report section. I also work on other tools, such as Thycotic, which allows you to create customized reports for your organization's needs. In CyberArk, there are limited reports, whereas in Thycotic or some of the other PAM tools, because the database is different, you can customize the report based on your needs through SQL queries."
"I'd like OneLogin to have a customization section that displays the company's offerings, categorized by different topics."
"In terms of managing the users on a large scale, it would be easier if they had some kind of user management portal."
"OneLogin offers a Virtual LDAP feature that we utilize, although it differs slightly from traditional LDAP servers."
"having a RESTful implementation instead of RPC would have been more desirable."
"OneLogin needs to increase the number of connectors available out of the box to connect to the different endpoints. The number of out-of-box connectors should be increased."
"While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations."
"I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera."
"To offboard, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while OneLogin by One Identity is ranked 7th in Access Management with 16 reviews. CyberArk Privileged Access Manager is rated 8.8, while OneLogin by One Identity is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of OneLogin by One Identity writes "Integrated well and had a single pane of glass, but downtime and pricing were issues for us". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas OneLogin by One Identity is most compared with Auth0, Microsoft Entra ID, Okta Workforce Identity, LastPass and One Identity Manager. See our CyberArk Privileged Access Manager vs. OneLogin by One Identity report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.