We performed a comparison between BeyondTrust Password Safe and One Identity Password Manager based on real PeerSpot user reviews.
Find out in this report how the two Enterprise Password Managers solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Session recording, password rotation, and password vaulting are the most valuable features."
"Its number one feature is discovery. The discovery engine in BeyondTrust is off the charts. When they perform a discovery, you know everything there is about a server, including what software is installed. For example, if you want to group all of your database servers together, you can do that by using discovery and Smart Rules. If a server has Microsoft SQL installed, it gets put into a group based on a Smart Rule. It makes it very easy to determine what is what in your environment. As organizations grow or acquire other companies and merge, they lose track of what they have. BeyondTrust can help you throw a rope around it very rapidly."
"Screen recording is valuable, and integration with applications is easy. We can customize whatever we want. We did a lot of application integration using scripting."
"Smart Rules is a nice feature in BeyondTrust. It is a unique feature that BeyondTrust has as compared to other vendors such as CyberArk. With Smart Rules, you can do automatic onboarding of accounts. There are a lot of options and features. For example, you can do onboarding based on different AD attributes. It is a nice feature in BeyondTrust that some of the other PAM vendors don't have. With other vendors, we have to create our own scripts, whereas, with BeyondTrust, we can just use the in-built Smart Rules."
"It provides integrated password and session management in one solution, which is important for us because, from an auditing standpoint, we are accountable for the type of access being used. We need to ensure that accounts are securely stored and there is the right type of accountability around who is gaining the access. After gaining it, how they're using it, where they're using it, etc."
"BeyondTrust Password Safe has good reporting and Smart Rules which makes it convenient. Though Smart Rules are convenient, those who do not have much experience with such things may find it difficult to understand how these things work. Otherwise, I find Smart Rules very convenient to work with."
"The best aspect of the product is the ability to onboard devices. You can scan the IP subnets and onboard all the devices. You can then segregate them if it's a network device or a firewall. If it's a Windows server or a UNIX, you can basically scan your IT infrastructure and onboard the efforts, which should be managed. Once they have been onboarded, then the session management and password management are easy and nicely configurable."
"The solution protects organizations from internal and external threats."
"It provides seamless integration with different types of password modules like temporary access passcode and MFA."
"It is extremely simple to integrate with various systems, including OTP, passwords, and so on because everything is based on our environment."
"What I found most valuable in One Identity Password Manager is its easy use. It's a flexible solution. It also supports many languages, including Arabic."
"It does have advantages over the other products that we are seeing. Other products don't have the out-of-the-box OTP option, whereas One Identity Password Manager has the out-of-the-box OTP option. It also has a cloud-based solution for generating OTPs. So, the customers can either opt for their own SMS gateway, or they can use the One Identity OTP option where they don't have to have an SMS gateway. With other products, customers must have their own SMS gateway."
"One Identity Password Manager is a stable solution."
"It is an absolutely scalable solution...The product is easy to install."
"The solution is very customizable."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"Documentation is the primary area of improvement."
"The integration with Secure Remote Access must be improved."
"We weren't aware that the Password Safe virtual appliance runs on a Windows server. As part of our monthly patching process, we ran into an issue. BeyondTrust Password Safe wasn't compatible with the patching we used to put on our server."
"It has crashed on us in the past."
"There are multiple features that have issues, although they could be specific to our environment. What we have seen is that whenever a user gets added to the authentication store, the sync between Password Safe and the authentication store, which is generally easy, takes a lot of time. It does not occur immediately."
"There is a limited capacity on the appliance, which I wasn't informed about when I purchased the product. I can have a maximum of 150 rules per appliance; any more than that and rule processing becomes very complex, especially regarding password revision. Hitting a capacity limit you don't know about can be problematic. Ideally, we would not have a limited capacity, allowing us to be in a completely managed state with password rotation for every service account, not just the highly privileged ones."
"When we deploy BeyondTrust, we have to deploy our own database on a SQL server. It doesn't deploy the database. I wish BeyondTrust packages the whole solution in one and includes the MySQL database so that when you deploy it, it deploys everything for you. BeyondTrust gives you the software, but you are in charge of setting up your own database. It is a single appliance just for the BeyondTrust portion but not the database. Unless that has changed in later releases, you have to set up your own database for BeyondTrust Password Safe. I find that part complex because we then need the expertise and help of the database team to set it up, which also increases the deployment time. If they can deploy the database, it will reduce the deployment time."
"The improvement required is an increase in the number of people who manage the product's support team."
"An area for improvement in One Identity Password Manager is the management gap since Quest is no longer under Dell, and One Identity is under Quest. The management gap resulted in poor support, which needs improvement."
"If there is a self-service option to update the mobile number, it will be much more useful."
"One Identity Password Manager could improve the integration with other technology, it is complex for integrating. There needs to be more connectors or adapters. There is limited out-of-the-box customization."
"The UI needs improvement to match any other standard password manager because it's not very intuitive right now."
"I would like it to be more secure in terms of password storage."
"The software is complex on the backend, and there isn't enough documentation."
More One Identity Password Manager Pricing and Cost Advice →
BeyondTrust Password Safe is ranked 5th in Enterprise Password Managers with 19 reviews while One Identity Password Manager is ranked 15th in Enterprise Password Managers with 7 reviews. BeyondTrust Password Safe is rated 7.6, while One Identity Password Manager is rated 8.0. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of One Identity Password Manager writes "An easy-to-use tool that offers its users strong security on the password management front ". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, LastPass, BeyondTrust Privileged Remote Access and CyberArk Enterprise Password Vault, whereas One Identity Password Manager is most compared with Azure Key Vault. See our BeyondTrust Password Safe vs. One Identity Password Manager report.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.