Delinea Secret Server Room for Improvement
MR
Mustafizur-Rahman
Senior Cyber Security Engineer at TechnoNext Ltd.
Whenever an update is applied to Secret Server, it requires downtime. Most of the time, the solution tends to fail, necessitating the need to pull data from backup servers. This is quite annoying and is an area where improvements are needed.
View full review »In many PAM tools, when users request a password checkout, they need to provide justification. However, in my experience across four organizations, nobody actually reads the justifications. Users can simply type anything and get the password. This becomes a risk and compliance issue.
There needs to be continuous improvement in this area, focusing on problem identification and mitigation strategies.
View full review »Delinea Secret Server can improve in areas like statistics and notifications, and risk scoring, especially for highly privileged accounts where financial transactions occur. Additionally, complex management features similar to BeyondTrust's PMUL for Unix and Linux might be an area for improvement.
View full review »Buyer's Guide
Delinea Secret Server
July 2025

Learn what your peers think about Delinea Secret Server. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
861,481 professionals have used our research since 2012.
When Delinea upgrades the tool, it rejects our password, saying that it is not compliant and strong. Earlier, we used ten-character passwords which were strong and compliant. It is very difficult to change the password.
If we use a service account, most people are unsure where we use those accounts. If we reset the password to make it compliant, we are not sure what the impact will be. Either it should sync with the application automatically, or it has to inform us so that we can easily track and make it compliant with a strong password. This is the only feature that needs to be improved.
We use a mobile authenticator. Whenever we reset the account of a user who lost his password, it asks for a recovery code or key. When we generate it for the first time, it provides the recovery key. We have to save that key to reset it. If we do not save it, the end user cannot automatically change it.
He has to raise a ticket for the administrator, and the administrator has to reset it from the console side. It has to be made simple so that the end user can easily change his recovery key.
The integration with the ticketing system ServiceNow is complex. That can be enabled with an API-based out-of-the-box consumption. We have customized it, and the features cannot be used without customization. Ideally, there should be a direct mapping between our ticketing system to Delinea instead of having to do custom development.
View full review »PO
PHILIP OLANIYAN
Relationship Manager at Snapnet Ltd
It's a good, very good, superb even product, but the challenge for me with Delinea is that I may not be able to pitch it to an account with a low budget for PAM. Delinea is a good technical solution, but those with experience, especially in Thycotic, will find it easy to use Delinea.
View full review »
Occasionally, the proxy does not work so well. For example, when the custom client application is integrated with a Teams solution.
The server integration needs improvement.
We find the documentation hard to understand.
Support can sometimes be slow.
View full review »There's room for improvement regarding user interface and new functionality.
Cybersecurity is constantly evolving, so there will be features needed in the future. There is space to use AI in several aspects of the solution, however, I can't pinpoint which ones.
View full review »Delinea Secret Server needs to improve its reporting.
View full review »SI
Sharkrit Impat
Head of Platform Engineering at Ascend Group Co., Ltd.
It would be better if they had a Linux version of the secret server.
View full review »In terms of the user interface, it's good. However, installation can sometimes be difficult, depending on the environment. We are deploying it in our own private laboratory, not as a secret server cloud.
Additionally, CyberArk has a more robust site and development team compared to Delinea. They also provide more educational resources on recent happenings in cybersecurity, the latest attacks, newsletters that educate people in the field, and how to create two opportunities. Delinea could improve in research and development and educate the public on recent trends in the industry.
View full review »The setup for this solution is complex. I'm not going to lie, you need a specialized system security engineer to deploy it.
View full review »I formerly used only one service: the remote server. For example, I connected to the Active Directory user and the computer's console. But now, I need to do a remote connection to the domain controller. Maybe it only connects to that tool, the Active Directory users, and the computer management console, but not to the domain controller. Another thing Delinea could add is multi-factor authentication.
IS
IrmaShattuck
Program Manager at a recruiting/HR firm with 5,001-10,000 employees
We recently had to do a global reset of every company password, something we are still in the process of doing. While we had a few glitches, this likely attributes itself to them not having fully deployed, even as they owned the solution for a while. Now that we have done so, we find ourselves to be learning as we go, especially as concerns the various international laws, such as the GDPR. This said, it works well for us.
As I am partial to CyberArk, I rate Thycotic Password Reset Server as a nine out of ten, owing to the minor glitches I mentioned.
The initial setup was very straightforward for us. However, as it would not deploy easily with our 2019 servers, we were forced to make a few code changes. It continued to deploy for 2012, something I found to be odd, but started working flawlessly only after I made a few code changes.
My only negative thing to say about Thycotic would involve the servicing not having been written for 2019.
View full review »HG
Himanshu-Gupta
Senior System Analyst at a government with 1,001-5,000 employees
An area for improvement in Delinea Secret Server is its integration with ICAP servers. This integration would help in scanning for transfers and determining if they are one-way or not, and whether they contain values. Additionally, there is a need to enforce the copy-based policy across all secrets in the Delinea Secret Server platform, instead of having it as a personal configuration.
View full review »The customer service and support team could be improved, and the solution could be more user-friendly.
View full review »Some of the features need improvement.
Improvements are needed in session management, behavioral analytics, and the reporting segment.
View full review »PR
Peter Rajic
Technology Infrastructure Senior Analyst at a educational organization with 501-1,000 employees
Although the password policy was interesting, the default setting was inadequate. As a result, we had to change it to be 20 characters with symbols. It was an odd process, but it was relatively simple to adjust.
View full review »DR
Darius Radford
Principal Solutions Architect at a computer software company with 51-200 employees
When working with larger enterprises Thycotic Secret Server becomes a little cumbersome to work with because they do not allow as much flexibility as some of the other competitors, such as CyberArk. Thycotic Secret Server could improve by being more flexible when it comes to customization, and increase the number of API integrations.
In an upcoming release, there should be more AI and machine learning features. Some of the competitors are leaning in this direction.
View full review »ZG
Zebulon Griggs
Chief Executive Officer at Zigabyte
One thing that I wish they would do is to have a Kubernetes or container-based deployment supported, but they're not quite there yet. Containerization or support for containerization would be fantastic.
SM
Siddiq Mohiuddin Mohammed
Team Lead, System Infrastructure at GAL
The solution's remote support feature needs improvement.
View full review »The product can be improved by reducing the number of updates provided and limiting notifications to mainly major updates.
View full review »Delinea Secret Server can improve by extending the monitoring policies and making the performance better.
View full review »SI
Sharkrit Impat
Head of Platform Engineering at Ascend Group Co., Ltd.
They could improve the container platform and SPO. The cloud database technologies should be improved. The web browser isolation recording could be improved. When you do anything from the web portal, it cannot record properly. You can only record via remote desktop or secure share. But when the admin performs by web access we cannot record the session.
View full review »PV
Pathi Venkant
Security consultant at a financial services firm with 10,001+ employees
The UI needs improvement because the interface is a little clumsy.
View full review »MR
Mustafizur-Rahman
Senior Cyber Security Engineer at TechnoNext Ltd.
Support could be better. I have heard about a lot of problems in the Bangladesh market. People are saying that there are support issues. So, Delinea should focus on support and services.
View full review »If you look at Thycotic, it is a great product that has pretty much all the same features as CyberArk — which will be replacing it. There is not much difference between the two. We will be switching away from using Thycotic, however, before the end of the year.
The catalyst for the change was a formal comparison of the two products that we did using each to evaluate how we would use it in solving actual use case issues. In the presentation of the scoring over specific categories, CyberArk had slightly better professional service marks and the same price. Besides that, the two products were neck-and-neck and almost identical in the scoring. CyberArk just came out just a little bit better than Thycotic in the details, and not by much at all. Be that as it may, the formal comparison is the reason for the change.
View full review »The initial setup and deployment can be cumbersome. It's not an easy process.
View full review »I would like to see scheduled reports in a future release.
View full review »The main part of the product that could be improved is the API (Application Programming Interface). The Thycotic API is not very good.
View full review »I think that the main interface should integrate better with non-standard applications and clients, to connect with other systems. This would help to create a safe connection with non-standard systems.
I would like the capability to assign rights directly to the target system. This is a different topic because, at this point, it only handles credentials. However, the goal is to be able to create the account and assign the correct access rights on an application or a system.
View full review »EI
Eman Imad
Technical support engineer at FDS
One of the product areas that could be improved is the ease of handling SSL certificates within the application, as it currently requires manual command-line configurations.
View full review »In terms of what could be improved, the whole thing with distributed engines, et cetera, is a little bit tricky. Additionally, many clients wanted a more cloud version. I know there is a cloud version of Thycotic Secret Server, but a whole unified platform would be good, not like where you have to set up a connector with the distributed engine and then have the Thycotic Secret Server connect with all these. Making a simpler version of connecting different sites and synchronization of the groups that you already have. Then the secrets and folder templates would follow the current infrastructure pattern that the client has so you don't have to recreate new folders and secrets from scratch. In other words, more interoperability with other systems, for example if a user already has a Microsoft Azure subscription. So, the integration with Microsoft as well would be good.
The initial setup and deployment can be cumbersome.
We always ask for partner enablement, which is more like a soft requirement rather than a product requirement. It would be great if they can provide us deeper knowledge of their products for integration.
There are some things that I know are really important to include like A/B version features that are available in Windows. I would say that they should be included in the road map.
View full review »The solution is very good at improving based on customer feedback. If, for example, a customer asks for updated functionality, the next version will likely fit the requirements or requests. They're very responsive in that sense.
There could be tweaks here and there. For example, instead of going to one main function to do this and another main function to do that, the solution could remap the user interface so that a person only has to go through one function. The way that function branches off should make a bit more sense.
I'd like to see more automation on parts of the solution that cover APIs and disk space. There should be more automation in terms of what's out-of-the-box. It would help some customers as not all of them are knowledgable and well-skilled. It would make it easier for the layman.
View full review »They need to open a data center in Malaysia so that we can better provide cloud-based services to our customers.
I would like to see more training sessions made available online.
Having more detailed reporting would improve this solution.
View full review »FP
FabioPericoli
Director / Engineer at Provincia
I think the services could be improved by making it more 'friendly.' Documentation could be improved if they were to include more about connectors. Technically speaking, and in comparison to other software such as CyberArk, the documentation was not enough. CyberArk has extensive documentation and I believe Thycotic doesn't have enough.
The same applies for additional features - improved documentation in the next release would be helpful.
View full review »I would like to see the shadowing of ongoing terminal sessions (Remote Desktop Mirroring).
Recording of keyboards in the current Remote Desktop session would be a helpful feature.
We could definitely use some help with API tokenization. If we had a way to store tokens that would be fabulous.
View full review »One of the things that we want is to be able to do some of the management of it using APIs.
Also, their release schedule is slower than I would like. A better release cadence, more frequent releases, would be better, even if they were smaller.
View full review »I don't know what kind of a cryptographic it uses to encrypt the password but it should be one of the stronger ones. Some of the cryptos have been accessed by hackers. The encryption algorithm that they use is weak and could be hacked.
View full review »Session recording could offer more control and block certain actions or commands.
I have experience of other products that focus on session recording, so I’m aware of what advanced functionality can be achieved.
Specifically, I’m referring to:
* blacklisting and/or whitelisting certain commands
* OCR capabilities
Now I know these aren’t currently supported, but they may be available in future releases.
View full review »I would like to be able to create service accounts and set generated AD passwords from the web interface.
View full review »Referring to Secret Server v10, we want the ability to add subfolders to the "\Personal Folders" container. We had to rename it to "\Personal Secrets" to avoid confusion. Otherwise, you can create as many top-level folders and subfolders as you like. A minor annoyance for an otherwise awesome product.
View full review »We faced some upgrade issues, especially during the management and administration parts.
I found it less straightforward than on many other platforms, even outside password managers.
View full review »The discovery of accounts could be improved. It is also very expensive, and its price should be lower.
I'd prefer a better commercial model that includes partners and options for consulting around it. Where I've worked with my customers, we've only been able to use their professional services, and that has been a risk and constraint.
It would be helpful to have integration with various platforms, such as Azure Active Directory on multiple platforms. Adding this type of feature can add to Password Reset Server.
I would like to see improvement with the integration with Azure Active Directory. This would mean that we can have support on multiple platforms such as Windows, Linux, and Mac.
Currently, it is a standalone application, but if it could be combined with other Thycotic products, it would be a good on-premises, as one platform. It would be altogether a very good package.
TD
Taras Dubrova
BDM at Oberig-it
The tool should integrate additional features like OCR.
View full review »Buyer's Guide
Delinea Secret Server
July 2025

Learn what your peers think about Delinea Secret Server. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
861,481 professionals have used our research since 2012.