Likelihood to Recommend The system is great for enterprise or larger IT departments or teams where temporary or full access may be given using privileged IDs. Requirements for needing local admin access is also eliminated which can help with specific Windows workstation related tasks. It can be very useful when working with remote teams or contractors who may need temporary access to a system when required.
Read full review HID DigitalPersona works well in corporate settings with a variety of IT requirements, high-security apps, mobile and remote workers, and compliance-driven businesses. It might be less appropriate for contexts with low security requirements where more straightforward authentication solutions are more workable, small enterprises, legacy systems, and limited IT resources.
Read full review Pros Automatically discover new servers on the network and take control of the local admin password by vaulting it and ensuring nobody knows the password. A different password on every server. Automatically roll the password in a configurable manner - after each use, after a certain period of time, etc. Track and govern sensitive account usage by ensuring only properly authorized users can access the vault and obtain the credentials and then monitor usage. Read full review Speeding up the login process with fingerprint in PIN rather than having to remember a long password. Our IT department has seen a huge decrease in the amount of account lockout and forgot password calls. It is highly customizable to meet the needs of remote or on-premises workers. It is all configurable through group policy, so it is very easy to set specific requirements on certain groups. Setup was quick and the administration guides are very easy to follow if you need to go back in and adjust things. Read full review Cons GUI - right now everything is on one page/dashboard. Some level of folder/Safe type view would be great More options when storing passwords - especially for network based passwords Better integrations with vendors like Cisco so that admins dont need to really get the password from the vault (think Last Pass type add on) Read full review I find that sometimes I have had to delete a users fingerprints and re-add them. There must be something going on where the software believes that the user has changed their fingerprints. I have on occasion come across a person where the reader was unable to create fingerprints for that user. It would be interesting to see if the sensitivity of the 4500 reader could be improved on. I find that using the DigitalPersona software makes the users ultimately forget their passwords. Maybe every once in a while the software could require the user to type in their Windows password to help them remember it. Read full review Likelihood to Renew It is wonderful for multifactor authentication and gives us many options for what we use to authenticate. All of our users use it and it is engrained into our group policies and people would be very disappointed if it went away.
Read full review Usability I think there are still fundamental enhancements needed to be added to the management consoles and I think there ought to be a Centralized, Windows Based "Thick" Management Application instead of individual utilities which vary from MMCs, Scripts, Wizards, etc.
Read full review Support Rating Customer support and technical support have always been great when we require assistance. Especially when we come across issues that we're not familiar with.
Read full review Extremely poor; I've never encountered such. Professional Services completely dropped us for months. Crossmatch tech support seems like it has 3 techs tops! No response to emails, calls, the absolute worst! I will never recommend DP to anyone.
Read full review Implementation Rating Could use tools to audit license usage at a more granular level as to allow an administrator to free up licenses from users whom seldom use their biometrics to login.
Read full review Alternatives Considered It is known as one of the safest products in the market. It has good support and is also available as on-premise. You can run it virtually on VMWare (and probably on other hypervisors as well). You can have a second instance on bare metal and that makes it a very safe system.
Read full review We have used One Identity for software tokens. The Defender software tokens were originally included with our bundle and work pretty well for integration into the AnyConnect VPN client with Cisco. All that said, we use the two products for different applications and DP does what it does very well.
Read full review Return on Investment Decreased the probability of an external cyber attack to privileged accounts.. Management can control privileged account life cycle management more effectively Recording privileged sessions allows our organization to play back exactly the point of a breach or malicious behavior Automated system to manage and verify passwords, as privileged accounts are constantly created and deleted Automatic PWD change functionality will substantially decrease probability of PWD theft or misuse. Read full review I'm happy to say I'm not involved in budgeting or finance, but the financial benefits are easy to state: Less helpdesk time - helpdesk staff don't have to spend time resetting people's passwords. Users don't have to wait for Helpdesk to get around to helping them log in. Read full review ScreenShots CyberArk Privileged Access Management Screenshots