Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
It is an added value for our customers to have a Secrets Management workflow available that is PaaS/CaaS/KaaS Platform agnostic.
It's improved security; we don't have to worry about people storing password loosely and secure them.
The most valuable feature is the liberty of keeping encrypted passwords and elevated information in a sealed vault.
The initial setup for this process is straightforward and extremely easy. It just works.
Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too.
It's always hard to put a value on return on investment. You avoid one breach and it's paid for a million times over. We got a penetration test company internally, just to see how secure our network is, and there happened to be one bit of software that had been overlooked by an external company that managed it. It hadn't been upgraded so that managed to get them into the network. They would've been able to access through the test thing a file that we had previously. If that was a real-life scenario they would have been able to get into our network and get full access to our organization's passwords. If they did get in, they would have gotten access to the cloud. The ROI we see is that we are completely secured compared to what we had previously where there was a vulnerability.
The stability has been rock solid. A couple of years ago, they were breached. However, if you had two-factor authentication enabled, it didn't affect you. We did, so it has been good.
This product helps keep us secure.
Tech support has been good. We haven't needed it much, because it is not a complex application. There is not that much you have to do with it.
A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution.
I would like to be able to reduce the log out time of the session.
Right now we have two products; there is the password manager and there is the authenticator app. Ideally, these should be fully integrated and support better handling of two-factor authentication or any other authenticator data.
One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself.
I also don't like the add-in for Internet Explorer and Google Chrome, because when you do the add-in, you can actually save that to your credentials in your IE, and the problem is, if I left my screen open, or any of the IT people leave their screen open someone could come up and access all their credentials in LastPass without having to put a password in within your own network. I don't like that functionality. We've banned that from any of our staff adding that as an add-in because we see that as a security risk.
It is not super feature laden. It does not stand out versus the competition.
The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass.
We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine.
The ability to set up an account expiration limit/date would be very useful.
Pricing and Cost Advice
Information Not Available
The subscription model is rated at a fair price.
In terms of pricing, my feeling is that they are all roughly the same. LastPass is in line with its competitors, plus or minute a dollar or two per month.
I have been involved with many password managers. Passportal, Secret Server, CyberArk, and BeyondTrust. I chose LastPass for our organization because of the pricing. The organization didn't want to implement something really expensive. LastPass, for what it's offering, for the price that it's offering the service, is unbeatable.
LastPass was cheap as chips. It was very cheap, hence one of the reasons we went with it. If you're a small organization and you're after something that'll do 90% of your requirements, it's very good. Licensing and all that was really cheap and simple to understand.
It would be nice to do a quarterly true-up process with them versus having to buy 50 licenses at a time when we realize we're out, then we have to buy more. So far, they have been nice about letting us exceed our allotment and just letting us true-up on our own, but a more robust quarterly true-up process would be good.
The pricing and licensing are okay. Basically, at the last contract negotiation, they attempted to jack the rate up and we just said, "No." We still did negotiations with them, but they bumped everything up quite a bit.
The previous pricing was of good value. I don't really know, as of now, whether the new pricing is. The Enterprise license is $48 per license per year now. That is a steep increase of $24, which is what it was when we first signed up.
You do not have to purchase licenses for your entire organization. You can scale as adoption grows.
out of 22 in Enterprise Password Managers
Average Words per Review
out of 22 in Enterprise Password Managers
Average Words per Review
Compared 46% of the time.
Compared 18% of the time.
Compared 14% of the time.
Compared 20% of the time.
Compared 16% of the time.
Compared 12% of the time.
Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, or certificates. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.
LastPass Enterprise is a complete login solution, designed for security. It secures your business and centralizes control of employee passwords and applications with Single Sign-On, a one-click access to every site and tool. LastPass Enterprise provides password management, directory integration which synchronizes users with Active Directory, LDAP and custom APIs. It also provides access to shared accounts, for users inside and outside the organization without losing accountability.
Learn more about HashiCorp Vault
See it in Action
Start a Free 14 Day Trial
|Adobe, SAP Ariba, Citadel, Spaceflight, Cruise||Hootsuite, Truenorthlogic, Zirtual, CashStar, GoodData, Mainstream Technologies|
No Data Available
Software R&D Company24%
Comms Service Provider9%