BeyondTrust Password Safe OverviewUNIXBusinessApplication

BeyondTrust Password Safe is the #5 ranked solution in top Enterprise Password Managers and top Privileged Access Management (PAM) tools. PeerSpot users give BeyondTrust Password Safe an average rating of 7.8 out of 10. BeyondTrust Password Safe is most commonly compared to Azure Key Vault: BeyondTrust Password Safe vs Azure Key Vault. BeyondTrust Password Safe is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.
BeyondTrust Password Safe Buyer's Guide

Download the BeyondTrust Password Safe Buyer's Guide including reviews and more. Updated: December 2022

What is BeyondTrust Password Safe?

Beyond Trust Password Safe is an automated solution that combines password and privileged session management into a single platform. Password Safe delivers secure access control, auditing, alerting, recording, and monitoring.

This free and open-source password manager supports Windows and Linux, and some ports are available for other platforms as well. Their proprietary algorithm, Twofish, is considered highly secure, with the advantage that it is not affiliated with NIST. The Twofish algorithm secures the data while keys are delivered using SHA-256 authentication.

The application is easy to use, and you can download the Windows app from several sites. Additionally, the application is available in 14 languages.

Beyond Trust Password Safe Key Features

  • Continuous automated account discovery: Scan, identify and profile assets with the discovery engine. The solution has dynamic categorization that enables the automated onboarding of assets into groups.

  • Application-to-application password management: Password Safe offers an adaptable API interface including an unlimited number of password caches, therefore providing scalability and redundancy.

  • Secure SSH key management: The system automatically rotates SSH keys to enforce granular access control and workflow. Private keys securely log users onto systems without exposing them.

  • Adaptive access control: Evaluates context and provides access requests by considering factors such as time of access and location to determine the user’s authorization level.

  • Enhanced privileged session management: Admins can record, lock, and document suspicious behavior without disrupting productivity by managing sessions live.

  • Advanced privileged threat analytics: Password Safe monitors assets and user behavior every day, analyzing what are normal patterns and detecting deviations.

  • Multi-factor authentication: Password Safe supports 2FA (two-factor authentication) using Yubikey 4, Nano, or Neo.

What can you do with Password Safe?

  • Cross-device and cross-platform syncing: You can safely store encrypted password files online, where you can access them via Password Safe-compatible apps.

  • Drag and drop password: Password Safe has a “Dragbar,” which you can use to complete forms by dragging and dropping icons over the form - for example, passwords, usernames, design tiles, and emails.

  • Autotype: With Password Safe, when you click on a web page or login box, the autotype feature will try to fill in your credentials automatically for you.

  • Import and export: You can import passwords from text, XML, or CSV fails. You can also export passwords in text, XML, and the PSAFE format.

  • Password generator: Generate secure passwords by using the algorithm. You can also define your password rules.

Beyond Trust Password Safe Benefits

  • Controls third-party access: Password Safe secures the connection and automatically checks privileged credentials. The solution records all sessions.

  • Uses context to determine access: Password Safe considers risk factors like location, day, or time of access and uses them to adjust the permissions and privileges of each user.

  • Manages access for privileged and non-privileged accounts: By integrating with SailPoint IdentityIQ, Password Safe effectively manages user access for privileged as well as non-privileged accounts.

  • Reduces cloud risk: Password Safe simplifies secure storage and session management. It supports major cloud providers such as Azure, Amazon, Google, Rackspace, and GoGrid. It also supports social networks - Facebook, LinkedIn, and Twitter.

  • Integrates password and privilege management: Integrates with Endpoint Privilege Management to control the resources users can access and the actions they are allowed to take

Reviews from Real Users

A PAM Architect at a tech services company says, "BeyondTrust Password Safe's features that I have found most valuable are really those that are knitted in. That is their Smart Rules and Smart Groups, where you design your administration model so you create your AD groups and your asset groups, and configure Password Safe."

An I.S. Architect at a insurance company mentions that "Session recording, password rotation, and password vaulting are the most valuable features."

    "One of the most valuable features is that this is a product designed with enterprises in mind," adds a Cybersecurity Architect at a tech vendor.

        BeyondTrust Password Safe was previously known as BeyondTrust PowerBroker Password Safe.

        BeyondTrust Password Safe Customers

        Aera Energy LLC, Care New England, James Madison University

        BeyondTrust Password Safe Video

        Archived BeyondTrust Password Safe Reviews (more than two years old)

        Filter by:
        Filter Reviews
        Filter Unavailable
        Company Size
        Filter Unavailable
        Job Level
        Filter Unavailable
        Filter Unavailable
        Filter Unavailable
        Order by:
        • Date
        • Highest Rating
        • Lowest Rating
        • Review Length
        Showingreviews based on the current filters. Reset all filters
        Director Information Security at Coho Data
        Real User
        Data warehouse cubes on the backend gives us the ultimate visibility into our assets

        What is our primary use case?

        BeyondTrust replaced the leading password management solution, offered vulnerability management and gave me a third-party patch management that integrates with Microsoft. To me, that was a win-win. 

        How has it helped my organization?

        It improved our overall return on investment by at least two-fold and gave us more intelligence on our assets than we expected.  

        What is most valuable?

        The sharing of intelligence gathered by scanning, and data warehouse cubes on the backend that gives us the ultimate visibility into our assets. 

        What needs improvement?

        I would love if they integrated Bomgar's SSO with BeyondTrust for the session recording that we use for vendors. 

        Buyer's Guide
        BeyondTrust Password Safe
        December 2022
        Learn what your peers think about BeyondTrust Password Safe. Get advice and tips from experienced pros sharing their opinions. Updated: December 2022.
        655,711 professionals have used our research since 2012.

        For how long have I used the solution?

        Less than one year.

        What do I think about the stability of the solution?

        It has no problems. It's very flexible.

        What do I think about the scalability of the solution?

        It will scale and has a built-in capability to augment expansion via external databases. 

        How are customer service and support?

        Support has been very very good. 

        Which solution did I use previously and why did I switch?

        We used CyberArk, and we found for an SMB that the product required more FTEs than we could handle. CyberArk is really meant for 100K FTE enterprises and requires a serious.

        How was the initial setup?

        It is a complex product that has a lot of capabilities and does take some learning. They recommend taking their foundations class to understand and get the most out of the product. 

        What about the implementation team?

        Very good.  (A-, or B++).

        What was our ROI?


        What's my experience with pricing, setup cost, and licensing?

        Talk to references, look at Gartner and the positive and negative comments. BeyondTrust has the least negative comments of all the products and ties vulnerability management, scanning, password management, session recording, inventory management, intelligence gathering on attached assets. And when you look at all this together and price out separate options, the TCO is easy to justify. 

        Which other solutions did I evaluate?

        CyberArk's password safe.

        What other advice do I have?

        It is a steep learning curve, but once automated, it makes your life a lot easier. 

        Which deployment model are you using for this solution?

        Private Cloud
        Disclosure: I am a real user, and this review is based on my own experience and opinions.
        PeerSpot user
        D4T - PeerSpot reviewer
        D4TDirector Information Security at Coho Data
        Real User

        UPDATE: Since I posted this almost a year ago, BeyondTrust has decided to remove their scanning solution from their UVM (Unified Vulnerability Management ) appliance. At the end of 2019 BeyondTrust announced that they will EOL their integrated scanner (12/31/2020).

        This single move has removed the benefit that BeyondTrust brought to the table, wiping out any economies of scales that justified the ROI and TCO benefit of an integrated Unified Vulnerability Management solution.

        This now turns their UVM into just a Password management solution. Which is still better than CyberArk, but now lacks the additional benefit of intelligence gathering.

        To make matters worse, BeyondTrust has decided to partner with Tenable to provide the replacement vulnerability scanning solution. When asked what other integrations they had besides Tenable, there was no answer. Clearly some deal was cut with no thought to their customers or their customers experience with Tenable.

        Without a scanning solution, the visibility of the assets is now questionable. Where I once viewed them as a visionary and leader, it seems that the executives are reverting to their safe desks and not providing the vison necessary to stay ahead of the pack.

        Unfortunately, due to BeyondTrust change in direction, their ROI is now questionable and now has to be re-thought.

        The final straw was their overt push for their customers to use Tenable as a replacement for their EOL vulnerability scanner.

        All I can say is that for me BeyondTrust's value has diminished tremendously due to their decision to remove themselves from the vulnerability market. I have also lost trust in BeyondTrust to listen to their customers' needs to address our challenges.

        Buyer's Guide
        Download our free BeyondTrust Password Safe Report and get advice and tips from experienced pros sharing their opinions.
        Updated: December 2022
        Buyer's Guide
        Download our free BeyondTrust Password Safe Report and get advice and tips from experienced pros sharing their opinions.