We performed a comparison between CyberArk Privileged Access Manager and OneLogin by One Identity based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Ensures accounts are managed according to corporate policies."
"Provides improved security around having your credentials locked down and rotated regularly."
"Right off the bat, the most valuable feature is the DNA scan. It gives us the ability to scan our environment and find the accounts that we're going to need to take under control."
"I love the ability to customize the passwords: the forbidden characters, the length of the password, the number of capital, lowercase, and special characters. You can customize the password so that it tailor fits, for example, mainframes that can't have more than eight characters. You can say, "I want a random password that doesn't have these special characters, but it is exactly eight characters," so that it doesn't throw errors."
"It is very simple to use."
"Central Password Manager is useful for agentless automated password management through AD integration as well as endpoints for different devices."
"CyberArk Privileged Access Manager's main benefit is it provides secure access to our servers. There are features to capture the user activity, it provides video recording processing. If the users are logged in to the server, we can see what activities they are performing. It's a very nice tool for Privileged Access Management. They have plenty of useful services and the solution has fulfilled our needs."
"The automatic change of the password and Privileged Session Manager (PSM) are the most valuable features. With Privileged Session Manager, you can control the password management in a centralized way. You can activate these features in a session; the session isolation and recording. You apply the full intermediation principle. So, you must pass through CyberArk PAM to get access to the target system. You don't need to know the password, and everything that you do is registered and auditable. In this case, no one gets to touch the password directly. Also, you can implement detection and response behavior in case of a breach."
"Simplicity is the most valuable part of OneLogin."
"One aspect I particularly appreciate is their exceptional customer support whenever I've needed assistance."
"Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
"It's super useful to have a single pane of glass when it comes to access management."
"OneLogin is efficient."
"The solution's ability to save and manage of all my passwords is great."
"In my role, the most valuable features are two-factor authentication and self-service password reset. The most helpful feature for the institution as a whole is probably the single sign-on. As an IT director, I care about security and ease of use."
"The solution allows the user to search logs based on a specific time."
"The web interface has come a long way, but the PrivateArk client seems clunky and not intuitive. It could use an update to be brought up to speed with the usability of PVWA."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"More additional features as far as the REST is concerned, because we have something which was the predecessor to REST. A lot of the features which were in the predecessor have not necessarily been ported over to REST yet."
"The product could be easier to use. More work needs to be done on this aspect; it is not good enough yet. It also takes up a lot of server space. Sometimes we need to use up to seven servers."
"The documentation is rather basic and it is missing many use cases."
"Make it easier to deploy."
"The one place where we found that this product really needs to improve is the cloud. Simple integrations don't exist, even today. We don't have anything specific on CyberArk for managing, SaaS products, SaaS vendors, SaaS credentials. I understand it's a vendor-based thing and that they have to coordinate with the other vendors to be able to do that, and there are integrations coming. But these are the major places where CyberArk definitely needs to invest some more time."
"It's hard to find competent resellers/support."
"This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users."
"OneLogin needs to increase the number of connectors available out of the box to connect to the different endpoints. The number of out-of-box connectors should be increased."
"To offboard, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that."
"I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera."
"OneLogin offers a Virtual LDAP feature that we utilize, although it differs slightly from traditional LDAP servers."
"The tool must be made more robust."
"While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations."
"having a RESTful implementation instead of RPC would have been more desirable."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while OneLogin by One Identity is ranked 6th in Access Management with 16 reviews. CyberArk Privileged Access Manager is rated 8.8, while OneLogin by One Identity is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of OneLogin by One Identity writes "Integrated well and had a single pane of glass, but downtime and pricing were issues for us". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas OneLogin by One Identity is most compared with Auth0, Okta Workforce Identity, Microsoft Entra ID, LastPass and One Identity Manager. See our CyberArk Privileged Access Manager vs. OneLogin by One Identity report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
