We performed a comparison between BeyondTrust Password Safe and LastPass based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Amazon Web Services (AWS), HashiCorp and others in Enterprise Password Managers."The ability to manage privileged account passwords is the most valuable feature."
"BeyondTrust Password Safe is a good PAM tool."
"The best aspect of the product is the ability to onboard devices. You can scan the IP subnets and onboard all the devices. You can then segregate them if it's a network device or a firewall. If it's a Windows server or a UNIX, you can basically scan your IT infrastructure and onboard the efforts, which should be managed. Once they have been onboarded, then the session management and password management are easy and nicely configurable."
"One of the most valuable features is that this is a product designed with enterprises in mind."
"Screen recording is valuable, and integration with applications is easy. We can customize whatever we want. We did a lot of application integration using scripting."
"BeyondTrust Password Safe has good reporting and Smart Rules which makes it convenient. Though Smart Rules are convenient, those who do not have much experience with such things may find it difficult to understand how these things work. Otherwise, I find Smart Rules very convenient to work with."
"The performance is good."
"It simplifies your compliance and tracking to benchmark other credentials and analytics."
"Reduction in number of sensitive passwords stored insecurely on local systems."
"The shared folders is an important feature. It's the primary feature we use. Also, the ability for LastPass to autofill and hide the passwords, so we don't have to keep changing passwords every time a person leaves, is valuable."
"Increased security around password management for teams and collaborative efforts with external vendors."
"The initial setup for this process is straightforward and extremely easy. It just works."
"One feature that is really important to us is the ability to create secure notes."
"It's always hard to put a value on return on investment. You avoid one breach and it's paid for a million times over. We got a penetration test company internally, just to see how secure our network is, and there happened to be one bit of software that had been overlooked by an external company that managed it. It hadn't been upgraded so that managed to get them into the network. They would've been able to access through the test thing a file that we had previously. If that was a real-life scenario they would have been able to get into our network and get full access to our organization's passwords. If they did get in, they would have gotten access to the cloud. The ROI we see is that we are completely secured compared to what we had previously where there was a vulnerability."
"Scalability is fine, no issues with that, especially now that they have added different user-level permissions. That has made it a lot easier to delegate out certain features to have other people do."
"It's improved security; we don't have to worry about people storing password loosely and secure them."
"Its documentation can be improved. Its documentation is currently complicated, and it is not good. It needs to be better. Their technical support can also be improved. It is not bad, but it can be better."
"The product needs to have better integration with SAP products."
"We don't have much control over the appliance. When anything happens in the backend, we have to depend on the support team. We need to raise a case so that they can update the appliance. If we have control over it, we would be able to troubleshoot easily."
"Named accounts don't work well in this solution. If you use named accounts for your administrative access, the way Smart Rules work is that it takes your SAM account name and matches it to the account name of your privileged ID, which creates limitations on size and how big those names can be because the directory has a 20-character limit."
"The database instance onboarding should be simplified. The problem is that you can scan the assets and databases inside a server, but you cannot onboard them or manage them with the smart tools. It has to be done manually. I think they should try to include more custom platforms."
"When we deploy BeyondTrust, we have to deploy our own database on a SQL server. It doesn't deploy the database. I wish BeyondTrust packages the whole solution in one and includes the MySQL database so that when you deploy it, it deploys everything for you. BeyondTrust gives you the software, but you are in charge of setting up your own database. It is a single appliance just for the BeyondTrust portion but not the database. Unless that has changed in later releases, you have to set up your own database for BeyondTrust Password Safe. I find that part complex because we then need the expertise and help of the database team to set it up, which also increases the deployment time. If they can deploy the database, it will reduce the deployment time."
"I think that BeyondTrust Password Safe could be improved with more testing. In the beginning, they were practically using customers as beta testers. Maybe the product has evolved since I last used it, but if you look at PAM, privileged access management, whatever's out there has already been done. I don't see there being any other enhancements that are being made regarding PAM, except to support more cloud-based applications."
"We'd like to have incremental backups to ensure the solution's information is protected regularly."
"The ability to set up an account expiration limit/date would be very useful."
"I would like to be able to reduce the log out time of the session."
"The management through the plugin is poor. It consumes tons of client resources especially as an administrator."
"We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine."
"Its user interface should be better, and there should probably be more information about scalability."
"It is not super feature laden. It does not stand out versus the competition."
"The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass."
"LastPass has a problem syncing the passwords to all of the users."
Earn 20 points
BeyondTrust Password Safe is ranked 5th in Enterprise Password Managers with 19 reviews while LastPass is ranked 17th in Enterprise Password Managers. BeyondTrust Password Safe is rated 7.6, while LastPass is rated 7.4. The top reviewer of BeyondTrust Password Safe writes "Allows us to automatically rotate passwords, set the complexity, and enforce password policies on privileged accounts". On the other hand, the top reviewer of LastPass writes "Straightforward to set up, good support, intuitive to use, and offers good value for the cost". BeyondTrust Password Safe is most compared with HashiCorp Vault, Azure Key Vault, Delinea Secret Server, BeyondTrust Privileged Remote Access and CyberArk Enterprise Password Vault, whereas LastPass is most compared with Azure Key Vault, HashiCorp Vault, Keeper, CyberArk Enterprise Password Vault and OneLogin by One Identity.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.