We performed a comparison between HashiCorp Vault and LastPass based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, HashiCorp, Amazon Web Services (AWS) and others in Enterprise Password Managers."It's stable. I would rate the stability a nine out of ten."
"The tool's dynamic rotation of the password credentials is good."
"It is user-friendly and easy to implement from any application point."
"We use the solution for secret management."
"The interface is very simple to navigate."
"For me, the most valuable features include that it's easy to manage and maintain the password API for retrieving passwords and other things."
"The solution is stable. It has been working perfectly without any problem."
"The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applications, making it easy to set up and implement quickly. This allows you to test it easily and see good results rapidly. When you integrate an internal API or application, it quickly manages that application's secrets."
"Reduction in number of sensitive passwords stored insecurely on local systems."
"Increased security around password management for teams and collaborative efforts with external vendors."
"Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
"One feature that is really important to us is the ability to create secure notes."
"Scalability is fine, no issues with that, especially now that they have added different user-level permissions. That has made it a lot easier to delegate out certain features to have other people do."
"Off-boarding of people is easy without changing shared account passwords."
"The most valuable feature for me is being able to pair applications and user permissions."
"It's always hard to put a value on return on investment. You avoid one breach and it's paid for a million times over. We got a penetration test company internally, just to see how secure our network is, and there happened to be one bit of software that had been overlooked by an external company that managed it. It hadn't been upgraded so that managed to get them into the network. They would've been able to access through the test thing a file that we had previously. If that was a real-life scenario they would have been able to get into our network and get full access to our organization's passwords. If they did get in, they would have gotten access to the cloud. The ROI we see is that we are completely secured compared to what we had previously where there was a vulnerability."
"The solution's initial setup process is complicated."
"The product is complicated to install."
"In my opinion, HashiCorp Vault could improve its user interface. Right now, they don't offer much in terms of a graphical interface, which means you usually have to manage things manually through API calls. I think CyberArk has a better approach because it provides a UI that integrates features across all its components, making it easier, especially for new users or those from organizations with strict licensing policies."
"The documentation is very general; it should have more examples and more use cases."
"It would be helpful to have more advanced features."
"In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it."
"The onboarding is a challenge. It should be more self-service, but it involves reviews and approvals."
"I would like to see better integration of HashiCorp Vault with SAP products."
"Right now we have two products; there is the password manager and there is the authenticator app. Ideally, these should be fully integrated and support better handling of two-factor authentication or any other authenticator data."
"We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine."
"The management through the plugin is poor. It consumes tons of client resources especially as an administrator."
"The ability to set up an account expiration limit/date would be very useful."
"I also don't like the add-in for Internet Explorer and Google Chrome, because when you do the add-in, you can actually save that to your credentials in your IE, and the problem is, if I left my screen open, or any of the IT people leave their screen open someone could come up and access all their credentials in LastPass without having to put a password in within your own network. I don't like that functionality. We've banned that from any of our staff adding that as an add-in because we see that as a security risk."
"LastPass has a problem syncing the passwords to all of the users."
"Our biggest issue over the years was around the stability of the LDAP sync to AD."
"It is not super feature laden. It does not stand out versus the competition."
Earn 20 points
HashiCorp Vault is ranked 2nd in Enterprise Password Managers with 16 reviews while LastPass is ranked 17th in Enterprise Password Managers. HashiCorp Vault is rated 8.2, while LastPass is rated 7.4. The top reviewer of HashiCorp Vault writes "Easy to manage and maintain the password API but stability could be improved". On the other hand, the top reviewer of LastPass writes "Straightforward to set up, good support, intuitive to use, and offers good value for the cost". HashiCorp Vault is most compared with Azure Key Vault, AWS Secrets Manager, CyberArk Enterprise Password Vault, Delinea Secret Server and 1Password, whereas LastPass is most compared with Azure Key Vault, BeyondTrust Password Safe, Keeper, CyberArk Enterprise Password Vault and OneLogin by One Identity.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.