We performed a comparison between BeyondTrust Password Safe and LastPass based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, HashiCorp, Amazon Web Services (AWS) and others in Enterprise Password Managers."The best aspect of the product is the ability to onboard devices. You can scan the IP subnets and onboard all the devices. You can then segregate them if it's a network device or a firewall. If it's a Windows server or a UNIX, you can basically scan your IT infrastructure and onboard the efforts, which should be managed. Once they have been onboarded, then the session management and password management are easy and nicely configurable."
"The solution protects organizations from internal and external threats."
"The CI/CD and REST API are also satisfactory; the solution has a full PAM feature set and they all work well."
"The performance is good."
"The actual innovations offered by the vendor stand out to me. They are quick to respond to market demands and the changing environment of privileged access management."
"I like the session recording feature. I also like the analytics and reports. You can pull up a report, and the UI is fantastic. The system is recording when nobody's there, so we have a record of what's happening."
"It provides integrated password and session management in one solution, which is important for us because, from an auditing standpoint, we are accountable for the type of access being used. We need to ensure that accounts are securely stored and there is the right type of accountability around who is gaining the access. After gaining it, how they're using it, where they're using it, etc."
"Smart Rules is a nice feature in BeyondTrust. It is a unique feature that BeyondTrust has as compared to other vendors such as CyberArk. With Smart Rules, you can do automatic onboarding of accounts. There are a lot of options and features. For example, you can do onboarding based on different AD attributes. It is a nice feature in BeyondTrust that some of the other PAM vendors don't have. With other vendors, we have to create our own scripts, whereas, with BeyondTrust, we can just use the in-built Smart Rules."
"Increased security around password management for teams and collaborative efforts with external vendors."
"One feature that is really important to us is the ability to create secure notes."
"Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
"Off-boarding of people is easy without changing shared account passwords."
"It's improved security; we don't have to worry about people storing password loosely and secure them."
"The initial setup for this process is straightforward and extremely easy. It just works."
"The most valuable feature is the liberty of keeping encrypted passwords and elevated information in a sealed vault."
"It's always hard to put a value on return on investment. You avoid one breach and it's paid for a million times over. We got a penetration test company internally, just to see how secure our network is, and there happened to be one bit of software that had been overlooked by an external company that managed it. It hadn't been upgraded so that managed to get them into the network. They would've been able to access through the test thing a file that we had previously. If that was a real-life scenario they would have been able to get into our network and get full access to our organization's passwords. If they did get in, they would have gotten access to the cloud. The ROI we see is that we are completely secured compared to what we had previously where there was a vulnerability."
"Documentation is the primary area of improvement."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"I think that BeyondTrust Password Safe could be improved with more testing. In the beginning, they were practically using customers as beta testers. Maybe the product has evolved since I last used it, but if you look at PAM, privileged access management, whatever's out there has already been done. I don't see there being any other enhancements that are being made regarding PAM, except to support more cloud-based applications."
"We don't have much control over the appliance. When anything happens in the backend, we have to depend on the support team. We need to raise a case so that they can update the appliance. If we have control over it, we would be able to troubleshoot easily."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"The product needs to have better integration with SAP products."
"The integration with Secure Remote Access must be improved."
"We face screensaver timeout issues and problems with the server. I would like the product to include a server visibility feature."
"Right now we have two products; there is the password manager and there is the authenticator app. Ideally, these should be fully integrated and support better handling of two-factor authentication or any other authenticator data."
"I also don't like the add-in for Internet Explorer and Google Chrome, because when you do the add-in, you can actually save that to your credentials in your IE, and the problem is, if I left my screen open, or any of the IT people leave their screen open someone could come up and access all their credentials in LastPass without having to put a password in within your own network. I don't like that functionality. We've banned that from any of our staff adding that as an add-in because we see that as a security risk."
"Our biggest issue over the years was around the stability of the LDAP sync to AD."
"Its user interface should be better, and there should probably be more information about scalability."
"I struggle a little bit with the mobile app. As a browser extension, it works really well, and we are able to get to what we need to. However, on the phone, it's not quite as easy to navigate."
"The ability to set up an account expiration limit/date would be very useful."
"I would like to be able to reduce the log out time of the session."
"One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself."
Earn 20 points
BeyondTrust Password Safe is ranked 5th in Enterprise Password Managers with 19 reviews while LastPass is ranked 17th in Enterprise Password Managers. BeyondTrust Password Safe is rated 7.6, while LastPass is rated 7.4. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of LastPass writes "Straightforward to set up, good support, intuitive to use, and offers good value for the cost". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, BeyondTrust Privileged Remote Access, Delinea Secret Server and CyberArk Enterprise Password Vault, whereas LastPass is most compared with Azure Key Vault, HashiCorp Vault, Keeper, CyberArk Enterprise Password Vault and Delinea Secret Server.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.