Try our new research platform with insights from 80,000+ expert users
it_user882720 - PeerSpot reviewer
SOC Manager at a retailer with 5,001-10,000 employees
Real User
Reduction in number of sensitive passwords stored insecurely on local systems
Pros and Cons
  • "Reduction in number of sensitive passwords stored insecurely on local systems."
  • "Increased security around password management for teams and collaborative efforts with external vendors."
  • "The ability to set up an account expiration limit/date would be very useful."
  • "Our biggest issue over the years was around the stability of the LDAP sync to AD."

What is our primary use case?

Our primary use case is for enterprise password management.

How has it helped my organization?

  • It increased security around password management for teams and collaborative efforts with external vendors. 
  • A reduction in the number of sensitive passwords stored insecurely on our local systems.

What is most valuable?

For our company:

  • Enterprise admin console
  • Reporting
  • Integration with Active Directory

What needs improvement?

  • It needs more flexibility/functionality around making enterprise changes. 
  • It needs more granular admin capabilities for a global distributed company. 
  • The ability to set up an account expiration limit/date would be very useful.
Buyer's Guide
LastPass
October 2024
Learn what your peers think about LastPass. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

We have had some issues, such as our 'security score bug' and various minor issues. Our biggest issue over the years was around the stability of the LDAP sync to AD. This now seems to have been largely resolved.

What do I think about the scalability of the solution?

There are some challenges around global administration.

How are customer service and support?

Technical support is generally pretty good, but they are not easy get on the phone with quickly.

Which solution did I use previously and why did I switch?

We did not previously have an enterprise solution. Various groups used ad hoc systems.

How was the initial setup?

The initial setup was fairly straightforward.

What's my experience with pricing, setup cost, and licensing?

You do not have to purchase licenses for your entire organization. You can scale as adoption grows.

Which other solutions did I evaluate?

We did not evaluate other solutions.

What other advice do I have?

You should make sure you know what you are doing before you sync with AD, or you could have a mess on your hands to clean up.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user608778 - PeerSpot reviewer
System Administrator at a tech services company with 51-200 employees
Consultant
It consumes tons of client resources, especially as an administrator.
Pros and Cons
  • "Off-boarding of people is easy without changing shared account passwords."
  • "The management through the plugin is poor. It consumes tons of client resources especially as an administrator."

What is our primary use case?

Primary usage is password management and sharing of credentials.

What is most valuable?

  • Sharing passwords
  • Deactivating users
  • Controlling company logins
  • Import existing credentials from different file formats.

How has it helped my organization?

Off-boarding of people is easy without changing shared account passwords.

Sharing Passwords with new employees for quick onboardings.

What needs improvement?

There is no group inheritance.
The management through the plugin is poor. It consumes tons of client resources especially as an administrator.
The plugin crashes from time to time.
URL recognition is difficult especially when adding new credentials, LastPass saves the Account creation url. Also when resetting a password, Lastpass recognizes the password change, great, but it also adds the password reset URL to the site. So when using the plugin and navigating to the saved url, you always end up in the password reset URL of the respective service.
As well you need to double check the settings. You have 3 options (hide passwords, read only, administrator) but when sharing a folder with a group or user, the check boxes randomly change, so you need to open the share settings again to check the checkboxes.
All passwords can be read if you are familiar with input fields and their manipulation. This is something LastPass might not be responsible but there must be an implementation if the input field is not "Password" that it does not fill in then password.
Further more there are several websites with Javascript features in the password field like "show pass" or other fancy features which overlay the Lastpass plugin and deny the Lastpuss button in the input field to be used.
The search is poor, got better with the recent update for chrome browsers.
credentials are not sorted by letter.
You cant share single credentials out of a folder to individuals. So either you extract the single entry into a new folder and share it with former group and single person or you share the whole folder to the user. This makes it a bit messy and having in mind that the plugin is really really slow you rather want to have fixed folders with fixed groups on the folder and add indivduals in the enterprise panel --> groups section. With the limitations mentioned you end up with almost same amount of groups as users in your account.

For how long have I used the solution?

We have been using this service for two and a half years now.

What was my experience with deployment of the solution?

Updates for browsers are not as regular as security issues arise.

What do I think about the stability of the solution?

We have had stability issues several times.

What do I think about the scalability of the solution?

The more credentials you have the slower this app is.

How are customer service and technical support?

Support answers quickly when enterprise customers call/write. Solutions are sometimes poor and un-reproducible. For example, they ask if you can logoff, login, or restart your computer which have no effect on the error reported. As well there are problems with shared credentials not available to allowed shared users and also available to not allowed users. After filing a ticket, magically it is solved without any feedback from support why this happened. This makes it really dangerous if you trust this software and by accident recognize on a client machine that the user has access to credentials which shouldnt be in the vault of the user.

Which solution did I use previously and why did I switch?

We used keepass before.

Why we switched: Because we believed in feature and usage improvement, as well as more credential control.

How was the initial setup?

The installation was not at all straightforward. Naming is hard, URL recognition is painful, and auto-fill is freaking people out. Imagine you have 100 different logins for Google (Adwords, Analytics, personal, merchant), and LastPass always fills out the first match, based on the URL.

What about the implementation team?

Inhouse.

What's my experience with pricing, setup cost, and licensing?

If you import from sources like XML, keepass, CSV files be sure to clean the import files, this reduces the adjustments in the slow tool itself. So take some extra effort to have clean files when moving to LastPass otherwise you end up manipulating each individual entry.

Which other solutions did I evaluate?

We have not evaluated other options, we were more or less early adopters and haven't tried other solutions.

What other advice do I have?

Consider picking another solution.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
LastPass
October 2024
Learn what your peers think about LastPass. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,763 professionals have used our research since 2012.
Network Engineer at a tech services company with 1-10 employees
Real User
Dashboard with a security score, along with the Security Challenge, are great features
Pros and Cons
  • "Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great. The Sharing Center is really great as well. And the Security Challenge is really great too."
  • "One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself."

What is our primary use case?

Primary use case is to manage passwords and synchronize passwords for accounts, between the users that have permission to access those accounts.

How has it helped my organization?

If you have a password manager, there's improvement for the organization, of course. For the users themselves, they're using more complicated passwords; no more having the same password everywhere. And to access the Vault, you need two-factor identification: a master password and the two-factor. And all of this is encrypted. So security has increased. For those who are using it in the organization, it has improved their security for sure.

What is most valuable?

  • Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great.
  • The Sharing Center is really great as well.
  • The Security Challenge is really great too. I like that feature.

What needs improvement?

From a technical standpoint, it's working great. I don't see many issues. One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself.

Also, at the moment, for the whole company, we are going to use software called Passportal. The main reason is the synchronization of the automation of password changes. That is really important. I know LastPass can change them for 75-plus websites if they don't have two-factor identification. If they do have two-factor identification, you cannot change them. In case of an emergency, there's no one-click button to change your password.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Until now, I haven't experienced any instability with LastPass. I have used LastPass myself for the last three to five years. For the company, I implemented it about five to six months ago.

What do I think about the scalability of the solution?

I don't think there is an issue with scalability. But if your going on an Enterprise Environment where you would like more Advanced option for an Enterprise Password Management solutions Like for example Automatic Password Import(in Remote Desktop, and other in house Applications) so the users don't have a way to copy the password and see it, Automatic Password Replacement ( For Example in case of Emergency Replace all passwords because of Rogue Engineer  or after an Engineer uses a password for an immediate password replacement, User Session Recording for Administrator when there using an administrator password and allot more. 

How are customer service and technical support?

My only concern up until now is the communication, especially since this is for work. They do respond but sometimes, if you want to get in contact with somebody, it's really difficult when it comes to LastPass.

For example, I started LastPass Enterprise and I tried to contact sales or a contact person. For me to actually get in touch with somebody was really difficult. I even tried to give my name and email and they told me they would get back in contact with me. At first, I thought it may be something with my email domain, that maybe something about LastPass was dropping my emails. Then I started using my live domain email. Even so, I didn't receive any contact. So, my experience with LastPass is that it's a great solution, but when it comes to communication and support, it has been tough.

When it comes to opening a ticket, they do respond within one day. But, for immediate contact, no. It was crazy, especially in the beginning because I was so enthusiastic, I wanted to start right away. I tried for three weeks to a month to contact sales because I had many questions. It got so crazy that for me to actually get in contact with LastPass I even called LogMeIn to see if they could find a way to transfer me to LastPass.

LastPass is a great solution, but, because of the communication, I didn't actually start it as a solution for our enterprise business. That's why it has been only for four to five users.

How was the initial setup?

It was one of the easiest for implementing passwords. You can sync it with Active Directory. There were certain sites that I couldn't sync it with and I needed to input a password manually but it was really straightforward. Their interface is really easy to understand. It's not too difficult.

It took less than one day to get everybody onboard, the five people using it. It was really easy. The only thing they needed to do was import some passwords that they had and change some passwords.

What about the implementation team?

I did it myself.

What's my experience with pricing, setup cost, and licensing?

This is the best Pricing you will get a for Password Management solutions.

Which other solutions did I evaluate?

I have been involved with many password managers. Passportal, Secret Server, CyberArk, and BeyondTrust. I chose LastPass for our organization because of the pricing. The organization didn't want to implement something really expensive. LastPass, for what it's offering, for the price at which it's offering the service, is unbeatable.

The licensing for LastPass is straightforward.

What other advice do I have?

If you're looking for a password management solution that can hold your passwords and share passwords among employees, one that is cloud-based - and even without the internet you can still access passwords - and if you need a solution that that has the best price for the best product, LastPass is the one. But if you're a person who works in IT who wants to put passwords in privileged accounts and manage them with automation and everything that an enterprise password manager is required to do, LastPass is not the solution for you. You have to search for something else.

In our organization, the roles of the LastPass users are just below executive level. Their decisions, and what they do, can influence the company. They manage LastPass themselves. In the Sharing Center is the Shared folder. If somebody is going to change a password, they need permission to do so. In our case, they all have permission to change a password. If a password is changed, it's changed. That's it. I don't really see the need for a person to maintain LastPass.

The two main reasons my company cannot move to LastPass are because of the synchronization issue and the poor communication.

I rate LastPass at eight out of ten. It offers everything you need for a password management solution. The con that makes it less than a ten is the communication with support and sales. Normally, you just contact sales at a company and you can reach them easily, to start gathering information, to talk with them about your plan and, sometimes, to get a demo, based on your plan. I didn't have that with LastPass.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Identity & access specialist at a consumer goods company with 5,001-10,000 employees
Real User
Easy to use and stable, but needs better user interface and more information about scalability
Pros and Cons
  • "It is easy to use."
  • "Its user interface should be better, and there should probably be more information about scalability."

What is our primary use case?

We use it for keeping track of the passwords and ensuring that we have a good level of password complexity.

What is most valuable?

It is easy to use.

What needs improvement?

Its user interface should be better, and there should probably be more information about scalability.

For how long have I used the solution?

I have been using this solution for three months.

What do I think about the stability of the solution?

I haven't had any timeouts or anything like that, so I would say it is stable.

What do I think about the scalability of the solution?

I don't know about its scalability. This is a point that I'm trying to figure out.

We have about 15 users who are evaluating it. Its usage will depend on the outcome.

How are customer service and technical support?

I haven't tried their technical support.

What other advice do I have?

From what I've seen, I would recommend this solution to others depending on their needs.

I would rate LastPass Enterprise a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free LastPass Report and get advice and tips from experienced pros sharing their opinions.
Updated: October 2024
Buyer's Guide
Download our free LastPass Report and get advice and tips from experienced pros sharing their opinions.