One Identity Password Manager Reviews

* Allow end users to reset AD password by either answering security questions or by generating OTP

* Reduce load on helpdesk

* Allow end user self-service outside office hours by allowing access to self-service portal from outside corporate network

It allows end-users to reset their password by generating a one-time password (OTP) that they receive on their mobile. They're not dependent on the help desk. They can do self-service from anywhere in the world. So, if they're traveling, they can still reset their password or change the password. They are not locked out of their account at any given time.

The OTP part and self-service are most valuable. You are not dependent on the help desk people. 

It does have advantages over the other products that we are seeing. Other products don't have the out-of-the-box OTP option, whereas One Identity Password Manager has the out-of-the-box OTP option. It also has a cloud-based solution for generating OTPs. So, the customers can either opt for their own SMS gateway, or they can use the One Identity OTP option where they don't have to have an SMS gateway. With other products, customers must have their own SMS gateway.

One Identity Password Manager also has the option to synchronize the password with any connected application. For example, if there is an Oracle application or any other application, there is an option of synchronizing. Once the Active Directory Password is reset, you can synchronize the password with connected applications, so you don't have to separately reset the password in connected applications. I haven't come across this feature with any other solution.

If there is a self-service option to update the mobile number, it will be much more useful.

If possible, there should be an option for the cloud password reset and synchronization of the password to the cloud.

I have been using this solution for more than 17 years. 

It is very stable.

It is based on the Windows platform, so it is very easy to scale. It is suitable for small, medium, and large enterprises.

Their support is pretty good. I would rate them a nine out of 10.

Its initial setup is simple. A plain vanilla implementation could take a day to be up and running. This duration can vary if a customer has requirements for different password policies and different roles.

It doesn't require any maintenance.

Its price is on the cheaper side. It has a perpetual license, and everything is included in the license. You only have to pay separately for the SMS gateway or the OTP part.

It is suitable for all enterprises where end-users have to call the help desk people for resetting or changing the password and unlocking the account. If you try the wrong password three or four times, the account gets locked. In that case, an end-user needs to call the help desk people. On top of that, the help desk is not able to verify whether the end-user is the right person.

One of the requirements that many organizations have but don't know how to implement is validation. If I call by your name or some other person's name, the help desk people will allow me to reset the password. Validation is very important. You can implement validation easily in Password Manager. If you go with the OTP option, then you don't even need validation. The end-users will get an OTP on their mobile, and then they can reset the password.

I would rate One Identity Password Manager a nine out of 10.