Auth0® is an identity solution that provides secure access to any application, for any user. Safeguarding, according to the vendor, billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 lets users integrate authentication and authorization for web, mobile, and legacy applications, with new Fine Grained Authorization (FGA) that goes beyond role-based access control. It can authenticate users…
$0
per month
Hypersocket
Score 8.0 out of 10
N/A
Hypersocket (formerly Nervepoint) enables organizations to efficiently manage and administer end users and their access to disparate systems by empowering end users to manage their own accounts across multiple systems both on-premise and in the cloud, while allowing IT to gain control over user sprawl, cut support and gain in-depth business insight.
Great for user authentication and access priviledge management. We are using it for both our commercial and financial clients and Auth0 meets all the regulations and due diligence required to close deals with these enterprise customers. Given their tiered pricing structure, we don't see a scenario where Auth0 would not be appropriate for the solution it provides.
HyperSocket is very well suited if the resources and budget are made available. There is not much a learning curve for the IT Department or for those users already familiar with two-factor authentication. There will be some education and training requirements for most end-users as the notifications and general verbiage can be confusing for some. It may also show some exploits within some end-users who are unaware of a notification but will use the email to reset an expired password without thinking twice if it may have been a phishing email or the opposite where an end-user deletes or ignores the expiration email notification expecting it to be spam/phishing.
Price point for ALL features can get a bit pricey. But they have a startup plan which helps big time. Developer plans start at $23/mo and do not include all features.
Actions, rules, hooks, and email customization are great features, but the UI is a bit tough sometimes, not very responsive to screen size and code editors are cut off in a difficult place to maneuver.
Help-Desk functionality similar to OneIdentity Self-Service Password Manager, as it provides additional users that do not require administrative access to assist with managing end-users who may have locked themselves out of HyperSocket Access Manager by forgetting their own security questions.
Too many features which become unusable and feel like the payment plans are not flexible since it's an all-in-one product with one price. It is not necessarily a bad thing as most subscription-based pricing forces a buyer to pay more for an integral service that is only available on the highest price-plan. You really do get what you pay for, but we found many of our use-case scenarios limited the product.
This isn't necessarily against the product, just a personal opinion around Multi-Factor authentication which is always primarily driven mobile devices. Not all companies or end-users have access to a multi-factor device, (or in our case, are allowed to have access to a cell phone while servicing members/clients). This creates a shortfall to allow multi-factor functionality to extend to all users unless there are hardware tokens, which can be miss placed or left out more easily as most users don't treat it the same way they would their personal smartphone.
It’s also convenient that Universal Login can be customized from the dashboard (branding/themes/templates) without rebuilding the whole auth UI. It loses a few points because the dashboard and advanced configuration have a real learning curve there are many settings and moving parts, and it can feel overwhelming when you’re doing anything beyond the basics
There isn't a clear method to get a hold of support when trouble arises if you're on their standard plan. You can file a support ticket and they generally are responsive. I've often been able to find similar questions to the questions I've had when it comes to support in their ticket history, however, some have been closed without a satisfactory conclusion for the original poster.
We went with Auth0 over Okta due to price concerns and the overall simplicity of Auth0. We chose Auth0 over Amazon Cognito because Cognito has very poor documentation and client library support. Auth0 offers a service that hits the sweet spot for organizations with small development teams and limited finances.
Nervepoint Access Manager (NAM) has the ability to deal with multiple domains. While ServiceNow at the time we looked at the solution did not (I do not know if it does now). NAM was a more polished, mature product.
As with any IT Service or Solution, the investment will always be seen as a sunk cost. The only ROI would be the time and resources spent elsewhere rather than with Password Management through an IT Department or similar department. I found that the time spent on password management was about the same, as many users who are frequently forgetting a password are also forgetting their security question & answers.
There are some positives, as it was able to help manage the bulk of their non-windows passwords or passwords related to another online service. The centralized password manager doesn't feel like a true single sign-on but for most users, it replaces a hand-written copy they have taped to a monitor.
It can help with automating some of the active directory workflows with its own user provisioning functionality. Took more time to set up than it was to manage on its own.
