We performed a comparison between HashiCorp Vault and LastPass based on real PeerSpot user reviews.
Find out in this report how the two Enterprise Password Managers solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is user-friendly and easy to implement from any application point."
"The feature I find most beneficial in HashiCorp Vault is the secret engine. It integrates smoothly with many applications, making it easy to set up and implement quickly. This allows you to test it easily and see good results rapidly. When you integrate an internal API or application, it quickly manages that application's secrets."
"The solution is stable. It has been working perfectly without any problem."
"The tool's dynamic rotation of the password credentials is good."
"It can still be configured by a separate team other than developers. That's why I think it's more secure."
"We use the solution for secret management."
"This solution is easy to use and to integrate."
"The interface is very simple to navigate."
"Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
"The stability has been rock solid. A couple of years ago, they were breached. However, if you had two-factor authentication enabled, it didn't affect you. We did, so it has been good."
"One feature that is really important to us is the ability to create secure notes."
"Reduction in number of sensitive passwords stored insecurely on local systems."
"The shared folders is an important feature. It's the primary feature we use. Also, the ability for LastPass to autofill and hide the passwords, so we don't have to keep changing passwords every time a person leaves, is valuable."
"The most valuable feature is the liberty of keeping encrypted passwords and elevated information in a sealed vault."
"Tech support has been good. We haven't needed it much, because it is not a complex application. There is not that much you have to do with it."
"It is easy to use."
"A drawback for some clients who have to be PCI compliant is that they still need to use and subscribe to an HSM (Hardware Security Module) solution."
"The documentation is very general; it should have more examples and more use cases."
"I would rate the stability a six out of ten. There are some bugs and glitches. We are in touch with the vendor to resolve them."
"The solution's initial setup process is complicated."
"It would be helpful to have more advanced features."
"In terms of features, the only thing that I found a little bit hinky was that there was no revocation or deletion on the model we were using. Once in a financial year, a client interacts, and you pay for that client for the year. So, there are just little things like that in the pricing. There should be more clarity around the end of the key. I know there is no system like this. They all are the same. I tested Microsoft, Google, and some others, and none of them really want you to delete a key, which makes sense. You delete a key, and you lose everything that it has wrapped or encrypted, but it's actually just a language. Deletion isn't really deletion. It's really revocation, but overall, HashiCorp Vault ticked all the boxes for us, and I couldn't fault it."
"The onboarding is a challenge. It should be more self-service, but it involves reviews and approvals."
"I would like to see better integration of HashiCorp Vault with SAP products."
"The biggest thing is there is no good way to have LastPass rotate passwords without human intervention. Right now, we have to go into each folder, then rotate and manually update each password. It can be done it by loading a bunch of passwords into a spreadsheet, but this makes the whole process insecure because then the passwords have been noted into a spreadsheet which have to be upload. We have to go into 40 to 50 applications and manually update passwords, because we don't view their solution of writing a bunch of passwords on a spreadsheet, then uploading them as a secure solution. This should be done internally within LastPass."
"I would like to be able to reduce the log out time of the session."
"We have issues from time to time where, for some reason, it just keeps auto logging-out the user and then, the next day, they'll come in and it will work just fine."
"LastPass has a problem syncing the passwords to all of the users."
"The ability to set up an account expiration limit/date would be very useful."
"I also don't like the add-in for Internet Explorer and Google Chrome, because when you do the add-in, you can actually save that to your credentials in your IE, and the problem is, if I left my screen open, or any of the IT people leave their screen open someone could come up and access all their credentials in LastPass without having to put a password in within your own network. I don't like that functionality. We've banned that from any of our staff adding that as an add-in because we see that as a security risk."
"The management through the plugin is poor. It consumes tons of client resources especially as an administrator."
"One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself."
Earn 20 points
HashiCorp Vault is ranked 3rd in Enterprise Password Managers with 16 reviews while LastPass is ranked 17th in Enterprise Password Managers. HashiCorp Vault is rated 8.2, while LastPass is rated 7.4. The top reviewer of HashiCorp Vault writes "Useful for machine-to-machine communication and has secret engine feature ". On the other hand, the top reviewer of LastPass writes "Straightforward to set up, good support, intuitive to use, and offers good value for the cost". HashiCorp Vault is most compared with Azure Key Vault, AWS Secrets Manager, CyberArk Enterprise Password Vault, Keeper and 1Password, whereas LastPass is most compared with Azure Key Vault, BeyondTrust Password Safe, Keeper, CyberArk Enterprise Password Vault and OneLogin by One Identity. See our HashiCorp Vault vs. LastPass report.
See our list of best Enterprise Password Managers vendors.
We monitor all Enterprise Password Managers reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.