We performed a comparison between IBM Security Verify Access and LastPass based on real PeerSpot user reviews.
Find out in this report how the two Single Sign-On (SSO) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."From the integration point of view, it supports SAML, OIDC, and OAuth. For legacy applications that don't have support for SAML and other new protocols, it provides single sign-on access to end-users. From the integration compatibility point of view, it is highly capable."
"I have found this solution to be really practical and when a user wants to log in, it is effortless and runs smooth."
"Its stability and UI are most valuable."
"It's a good solution for identification and access management."
"The tool provides a password vault, single sign-on, and multifactor authentication. It offers various authentication methods like fingerprint integration, one-time passwords, or tokens sent via email or SMS. This ensures secure access to your accounts by providing multiple authentication options."
"The solution has powerful authentification and authorization. It offers a good way to increase security."
"The most valuable feature of IBM Security Access Manager, at least for my company, is multi-factor authentication. That's the only feature my company is using. The solution works well and has no glitches. IBM Security Access Manager is a very good solution, so my company is still using it."
"Off-boarding of people is easy without changing shared account passwords."
"The initial setup for this process is straightforward and extremely easy. It just works."
"Tech support has been good. We haven't needed it much, because it is not a complex application. There is not that much you have to do with it."
"Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
"Reduction in number of sensitive passwords stored insecurely on local systems."
"The shared folders is an important feature. It's the primary feature we use. Also, the ability for LastPass to autofill and hide the passwords, so we don't have to keep changing passwords every time a person leaves, is valuable."
"It's always hard to put a value on return on investment. You avoid one breach and it's paid for a million times over. We got a penetration test company internally, just to see how secure our network is, and there happened to be one bit of software that had been overlooked by an external company that managed it. It hadn't been upgraded so that managed to get them into the network. They would've been able to access through the test thing a file that we had previously. If that was a real-life scenario they would have been able to get into our network and get full access to our organization's passwords. If they did get in, they would have gotten access to the cloud. The ROI we see is that we are completely secured compared to what we had previously where there was a vulnerability."
"This product helps keep us secure."
"Configuration could be simplified for the end-user."
"The solution could be classified as a hilt system. There are a lot of resources being used and it is suitable for very large enterprises or the public sector."
"The user interface needs to be simplified, it's complex and not user-friendly."
"What we'd like improved in IBM Security Access Manager is its onboarding process as it's complex, particularly when onboarding new applications. We need to be very, very careful during the onboarding. We have no issues with IBM Security Access Manager because the solution works fine, apart from the onboarding process and IBM's involvement in onboarding issues. If we need support related to the onboarding, we've noticed a pattern where support isn't available, or they don't have much experience, or we're not getting a response from them. We're facing the same issue with IBM Guardium. As we're just focusing on the multi-factor authentication feature of IBM Security Access Manager and we didn't explore any other features, we don't have additional features to suggest for the next release of the solution, but we're in discussion about exploring ID management and access management features, but those are just possibilities because right now, we're focused on exploring our domain."
"They can improve the single sign-on configuration for OIDC and OAuth. That is not very mature in this product, and they can improve it in this particular area. OIDC is a third-party integration that we do with the cloud platforms, and OAuth is an authorization mechanism for allowing a user having an account with Google or any other provider to access an application. Organizations these days are looking for just-in-time provisioning use cases, but IBM Security Access Manager is not very mature for such use cases. There are only a few applications that can be integrated, and this is where this product is lagging. However, in terms of configuration and single sign-on mechanisms, it is a great product."
"There are a lot of areas that can be improved, but the main area is the lack of customization. You cannot easily customize anything in the product. It is not easy to tweak the functionality. It is challenging to change the out-of-the-box functionality."
"The user interface for users and administrators could be improved to make it easier. Automating some functions could also be beneficial."
"One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself."
"LastPass has a problem syncing the passwords to all of the users."
"Our biggest issue over the years was around the stability of the LDAP sync to AD."
"I struggle a little bit with the mobile app. As a browser extension, it works really well, and we are able to get to what we need to. However, on the phone, it's not quite as easy to navigate."
"The management through the plugin is poor. It consumes tons of client resources especially as an administrator."
"The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass."
"Right now we have two products; there is the password manager and there is the authenticator app. Ideally, these should be fully integrated and support better handling of two-factor authentication or any other authenticator data."
"I would like to be able to reduce the log out time of the session."
Earn 20 points
IBM Security Verify Access is ranked 14th in Single Sign-On (SSO) with 7 reviews while LastPass is ranked 22nd in Single Sign-On (SSO). IBM Security Verify Access is rated 7.8, while LastPass is rated 7.4. The top reviewer of IBM Security Verify Access writes "Supports on-prem and cloud environments, has good integration capabilities, and is easy to adopt". On the other hand, the top reviewer of LastPass writes "Straightforward to set up, good support, intuitive to use, and offers good value for the cost". IBM Security Verify Access is most compared with Microsoft Entra ID, Okta Workforce Identity, ForgeRock, F5 BIG-IP Access Policy Manager (APM) and CyberArk Privileged Access Manager, whereas LastPass is most compared with Azure Key Vault, BeyondTrust Password Safe, HashiCorp Vault, Keeper and CyberArk Enterprise Password Vault. See our IBM Security Verify Access vs. LastPass report.
See our list of best Single Sign-On (SSO) vendors.
We monitor all Single Sign-On (SSO) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
