We performed a comparison between AWS Secrets Manager and LastPass based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, HashiCorp, Amazon Web Services (AWS) and others in Enterprise Password Managers."AWS Secrets Manager is used for storing secret information that has to be a secret from your customer and your employees."
"The API is fine and works well."
"All our workloads are running on AWS, so integration with our workload is much easier on AWS Secrets Manager than going with another solution such as Thycotic."
"The most valuable feature of AWS Secrets Manager is the ability to keep data secret and assign access permissions to people to grant or restrict access."
"The most valuable feature is security."
"Integrating with other services was straightforward, especially within the AWS environment."
"The most valuable feature of AWS Secrets Manager is its seamless integration with various AWS services."
"The most valuable feature is the management of credentials."
"It's improved security; we don't have to worry about people storing password loosely and secure them."
"It's always hard to put a value on return on investment. You avoid one breach and it's paid for a million times over. We got a penetration test company internally, just to see how secure our network is, and there happened to be one bit of software that had been overlooked by an external company that managed it. It hadn't been upgraded so that managed to get them into the network. They would've been able to access through the test thing a file that we had previously. If that was a real-life scenario they would have been able to get into our network and get full access to our organization's passwords. If they did get in, they would have gotten access to the cloud. The ROI we see is that we are completely secured compared to what we had previously where there was a vulnerability."
"One feature that is really important to us is the ability to create secure notes."
"The most valuable feature for me is being able to pair applications and user permissions."
"Increased security around password management for teams and collaborative efforts with external vendors."
"The stability has been rock solid. A couple of years ago, they were breached. However, if you had two-factor authentication enabled, it didn't affect you. We did, so it has been good."
"Scalability is fine, no issues with that, especially now that they have added different user-level permissions. That has made it a lot easier to delegate out certain features to have other people do."
"It is easy to use."
"There is room for improvement in terms of integrating with certain other platforms."
"The solution's initial setup process is complicated."
"An area for improvement in AWS Secrets Manager could be expanding integration options beyond AWS services."
"It would be good if the AWS Secrets Manager were more customizable."
"If you add one more layer of security to AWS Secrets Manager, even the programmer will not be able to see the secrets."
"There is room for improvement in the pricing model."
"The sidecar feature has room for improvement."
"We occasionally have problems with rate limits, although that is a problem more generally with AWS."
"The ability to set up an account expiration limit/date would be very useful."
"One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself."
"The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass."
"I also don't like the add-in for Internet Explorer and Google Chrome, because when you do the add-in, you can actually save that to your credentials in your IE, and the problem is, if I left my screen open, or any of the IT people leave their screen open someone could come up and access all their credentials in LastPass without having to put a password in within your own network. I don't like that functionality. We've banned that from any of our staff adding that as an add-in because we see that as a security risk."
"Right now we have two products; there is the password manager and there is the authenticator app. Ideally, these should be fully integrated and support better handling of two-factor authentication or any other authenticator data."
"I struggle a little bit with the mobile app. As a browser extension, it works really well, and we are able to get to what we need to. However, on the phone, it's not quite as easy to navigate."
"I would like to be able to reduce the log out time of the session."
"It is not super feature laden. It does not stand out versus the competition."
Earn 20 points
AWS Secrets Manager is ranked 3rd in Enterprise Password Managers with 12 reviews while LastPass is ranked 17th in Enterprise Password Managers. AWS Secrets Manager is rated 8.8, while LastPass is rated 7.4. The top reviewer of AWS Secrets Manager writes "Seamlessly integrates with various AWS services while offering reasonable pricing". On the other hand, the top reviewer of LastPass writes "Straightforward to set up, good support, intuitive to use, and offers good value for the cost". AWS Secrets Manager is most compared with Azure Key Vault, HashiCorp Vault, 1Password, CyberArk Enterprise Password Vault and Bitwarden, whereas LastPass is most compared with Azure Key Vault, HashiCorp Vault, BeyondTrust Password Safe, Keeper and Dashlane.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.