Secret Server (originally from Thycotic, now from Delinea since the 2021 Thycotic merger with Centrify) is an enterprise password management application, which is available with either a cloud-based or on-premise deployment which emphasizes fast deployment, scalability, and simplicity.
N/A
KeePass
Score 9.3 out of 10
N/A
KeePass is an open source password manager which secures passwords in a database locked with a master password or key file.
KeePass is fine for individual use, but it does not meet the same objectives. There are a lot of products like KeePass that are just not as portable or robust, and do not have the kind of granularity Secret Server has. Being able to assign password permissions based on user …
Besides KeePass, I have used the built-in browser password vaults, like the one for Chrome. These however are not very secure as security can be bypassed. KeePass is lighter weight and could be considered more secure as it is not a website. You can also create alternate modes …
Great for managing access to secrets and servers and is more secure than storing passwords in a browser. The browser plugin to autofill passwords works well. Being able to schedule access ahead of time is a big plus for me as I can be forgetful. If you want a lightweight password vault, however, it may not be the best choice.
[KeePass] works extremely well for personal work passwords and personal-use passwords for home. It allows users to remember 1 single complex password in order to gain access to the entire database of passwords. It doesn't work so well if you want to sync passwords to multiple devices such as your computer or phone. It can be done, but it's not simple.
Password Management: Its entire purpose, really. Secret Server stores passwords in an incredibly easy to use way. They can be organized in groups, they contain all the information about the site or system the password is used for (including URLs for websites), and even a notes field. You can set up specific policies for expirations and complexity, and Secret Server can even generate strong passwords for you. Using a password is simple, too, since you can just click a button to add it to your clipboard; you don't even have to unmask the password.
Security: The passwords are stored encrypted in a SQL database, and the application requires an authenticated login. This could be local, but we tie it into Active Directory. Each folder of passwords has groups assigned (in our case, again, AD, but you can make them local groups) with different permission levels, so we can compartmentalize passwords. Desktop technicians don't have access to network switch passwords, etc.
Easy Setup: It took me about an hour to get the server running, from spinning up the VM to importing our old password list. It took a little longer to organize the passwords into proper folders, and then assigning groups, but it was easy to do.
Personal Passwords: Each user also gets a personal folder, where they can keep their own, unshared passwords. This is nice for sites or systems with individualized logins (e.g., a firewall, VPN, etc.)
Favorites: Secret Server lets you tag passwords as "favorites" so you can easily find ones you use constantly. The search feature is nice, but this is nicer.
The sharing functionality NEEDS improvement. We share most passwords at a group level, but then it becomes impossible to share them with a dynamic group and one or two one-off people as well. This is a major shortcoming.
I don't love the interface. I feel like there is an attempt at a dashboard, but it is really not effective.
I've heard, but never seen, that the software can actually change passwords in the target systems. If this is part of its deliverable, I do not know how to use it, and I don't know how you would do that. Seems like a great feature for password management.
I don't believe that this is so much a negative, but be sure that you keep your password database saved in a location that is accessible (even during an outage). Failure to do so will make it hard/impossible to recover passwords in the event that your database is unreachable (such as if a network drive failure).
My very good experience in the past 15 years of usage of KeePass makes it easy to decide for a renewal of this friendship. I was never disappointed and KeePass always meets my expectations. The software runs stable and if there should be a software error, it will be fixed in no time. This is customer satisfaction.
Search feature so you don't have to spend time looking for what you need. The ability to right click and save username and password, URL open options so your not locked to a particular browser were all key features we considered in the usability and adoption rate of this application. Highly recommend to any organization for credential management.
I have almost never had to contact support. This product has a wide community, a very expansive documentation/forum site where generally any question/issue already has an answer/fix or explanation/workaround, or plans for improvement in a future version. On the occasions that I have reached out, answers were fairly quick, useful, and respectful.
There were not very many solutions that provided the entire package of taking an account from creation and deactivating it when no longer needed, as well as providing the discovery of unknown service accounts. Other solutions like RoboForm and LastPass did not offer the ability to manage your service accounts and added layers of complication to ensure security.
KeePass is free and compatible with all the devices you or your customers and it has a lot of different uses. Is not only a password manager like Norton safe password or the avast's one. Like the password managers of the browsers, no, with KeePass every customer can find a useful way to share and keep secure I formations
