TrustRadius Insights for Delinea Secret Server are summaries of user sentiment data from TrustRadius reviews and, when necessary, third party data sources.
Recommendations
Based on user reviews, here are the common recommendations for the software:
Try the free version or free trial to test if it meets your needs.
Evaluate the software in your own environment before making a decision.
Consider using alternative browsers like Chrome instead of Firefox for better performance.
Report any bugs experienced to help improve the software.
These recommendations offer valuable insights for potential users to consider when evaluating the software's suitability for their organization.
We have built an integrated solution comprising a Monitoring tool, a Service management tool, and a PAM tool, namely Delinea, for our product offering to provide an observability solution. Delinea is used for onboarding all CIs to have a secure channel to access from our support teams. It serves the purpose of maintaining the user credentials in a secure console and has an audit trail for all accesses made to the customer infrastructure. At any point in time, we can also identify when somebody has made changes to the infrastructure.
Pros
Remote connection to infrastructures.
Maintaining an audit of remote connections.
Video snapshot of activities done on the infrastructure.
Cons
Individual login credentials can be used for infrastructure connection.
Better integration with the ITSM solution to validate the incident or ticket numbers.
Server onboarding is a bit manual. Need better ways to onboard.
Likelihood to Recommend
I would recommend Delinea to any organization or colleague, as I have used it to support our shared services model, as well as a dedicated model for people support to customers, for privileged access management. Delinea has provided us with effective methods for handling unnecessary login attempts to the customer infrastructure. Additionally, the connection thread is available in the audit trail for review, which is a valuable feature to have.
VU
Verified User
Consultant in Information Technology (10,001+ employees)
It allows us to have a password repository, as well as give out access to the password repository on a role based scenario. We are able to give different business units different accessed based on the type of password and what the password is used for. It also gives us the ability for those different business units to create their own passwords without having to put in a ticket for access.
Pros
ease if use
secure
compartmentalized
Cons
the layout can be a little clunky
Likelihood to Recommend
I think scenarios where it would be appropriate is where if there are many different units or teams that need the ability to store their passwords for different applications or service accounts as well as the ability to create their own without having to go to a certain team and open a ticket to do so. Where it's less appropriate is probably a smaller shop without many passwords to keep track of
VU
Verified User
Engineer in Information Technology (201-500 employees)
We use it to store secrets (passwords) for websites and applications. Secrets for production access can also be checked out in approved time windows, meaning you can schedule the access ahead of time. This is a great way to manage and approve this type of privileged access. Secrets can be individual or shared within a team.
Pros
Store and access secrets (passwords) securely.
Manage access to secrets and servers.
Autofill secrets via browser plugin.
Cons
Personally I would prefer an app instead of a website.
Can be too many options. Sometimes I just want to add a secret quickly.
Can be slow to adopt until you get used to how it works.
Likelihood to Recommend
Great for managing access to secrets and servers and is more secure than storing passwords in a browser. The browser plugin to autofill passwords works well. Being able to schedule access ahead of time is a big plus for me as I can be forgetful. If you want a lightweight password vault, however, it may not be the best choice.
We use Thychotic Secret Server for privilege access management. All our admin and service accounts are managed through the software. We engage in password rotation, automated login through Thychotic interface into servers and other privileges environments. It enables us to be able to maintain secure access across our various environments which include production, development, staging, tests, etc. without having to engage in cumbersome password and access management.
Pros
Password Rotation
Ability to check in and check out credentials
Automated logins directly from Thychotic into the protected resource
Cons
Ease of integration with Identity and Access Management tools
Likelihood to Recommend
Thycotic Secret Service is especially well suited for password management through password rotation. This makes it easy to implement complex password management policies by defining regular rotations. The ability to have Thychotic log a user directly into the protected resource without having to know the password makes it well suited in our environment. This ensures that our passwords are complex without having to keep remembering them.
VU
Verified User
Team Lead in Information Technology (10,001+ employees)
Serves as a password vault and rotates credentials on schedule. It helps solve problems with managing and remembering where your service accounts are running.
Pros
Works well with RBAC, workflow for access requests, and approvals for third parties.
Allows monitoring and recording of remote sessions.
Available for on-premise and cloud.
Cons
Implementation can take some time to get everything running.
Does not actually find all your service accounts.
Likelihood to Recommend
Appropriate when trying to manage many services with high-level privileges across many machines. Not really a tool to just save your passwords like LastPass or Pleasant Password Server. Useful when you require auditing of user access.
VU
Verified User
Administrator in Information Technology (501-1000 employees)
We use Secret Server not only as a place to store passwords but also as a tool to rotate our passwords on a consistent basis on multiple platforms. We also use it as a "jump host" via RDP and SSH. Mainly our IT department uses it, but we also have other departments using it as well. Hopefully, in the future, Secret Server will allow you to use HTTPS as one of its proxies.
Pros
Centralized password repository
Ability to rotate passwords
Cons
The Secret Server mobile app is terrible!
HTTPS isn't supported as a proxy
Likelihood to Recommend
Using Secret Server as a centralized password repository is a must in today's world where every password needs to be different. Being able to have passwords rotated is another must as passwords should be frequently changed. If they could improve their mobile app, that would be fantastic!
Our IT department utilizes Secret Server to store our passwords for our privileged accounts. There are several departments we currently support the use of Secret Server for.
Pros
Role-Based access. Users only have access to the secrets they need within their department based on their role.
Secret Server authenticates with Active Directory for easy connectivity.
Cons
It can be difficult at times figuring out how to architect a new group within the solution. Often times it takes a couple attempts to get it right.
Likelihood to Recommend
Secret Server is a great tool for privileged access management. Not only can you securely store passwords, but users can access their servers within this solution without ever having to view or enter the password.
VU
Verified User
Engineer in Information Technology (1001-5000 employees)
We currently use Secret Server within the IT department only. It keeps track of all of our shared passwords— systems, websites, support sites—in one centrally located, secure place. The department used to use a shared desktop application that was hard to keep up to date, and frequently resulted in passwords being recorded elsewhere unofficially, and as less secure.
Pros
Password Management: Its entire purpose, really. Secret Server stores passwords in an incredibly easy to use way. They can be organized in groups, they contain all the information about the site or system the password is used for (including URLs for websites), and even a notes field. You can set up specific policies for expirations and complexity, and Secret Server can even generate strong passwords for you. Using a password is simple, too, since you can just click a button to add it to your clipboard; you don't even have to unmask the password.
Security: The passwords are stored encrypted in a SQL database, and the application requires an authenticated login. This could be local, but we tie it into Active Directory. Each folder of passwords has groups assigned (in our case, again, AD, but you can make them local groups) with different permission levels, so we can compartmentalize passwords. Desktop technicians don't have access to network switch passwords, etc.
Easy Setup: It took me about an hour to get the server running, from spinning up the VM to importing our old password list. It took a little longer to organize the passwords into proper folders, and then assigning groups, but it was easy to do.
Personal Passwords: Each user also gets a personal folder, where they can keep their own, unshared passwords. This is nice for sites or systems with individualized logins (e.g., a firewall, VPN, etc.)
Favorites: Secret Server lets you tag passwords as "favorites" so you can easily find ones you use constantly. The search feature is nice, but this is nicer.
Cons
Granularity in Security Groups: Groups can be assigned per folder, and different groups can have different permissions, but sometimes there are groups of passwords where only some of them should be visible to some users, and there's no good way to organize that. The best way right now is subfolders, which works, but it can clunky if you have a lot of cases like that.
Direct URL Logins: Secret Server has a feature where, if it works, lets you click the resource link in the list, which should take you to the site directly and log you in. However, in the years I've used this, it has never worked. I always get a weird application redirection error.
Default Policies: Some of the default expiration/complexity policies are annoying. I recognize that they are trying to meet best practices, but in many cases this is impractical. I end up having to turn off the default policy altogether and do this manually or with my own policy that I can apply later.
Likelihood to Recommend
Secret Server is really a great solution for any business that needs more than one person to have access to passwords for various devices, systems, and websites. Even an organization with only one person who would need access, if that person was no longer around, a simple change in Active Directory could assign those permissions to their successor. Candidly, the only scenario I can think of where a business might not want Secret Server would be a sole-proprietorship that was unconcerned with succession or security in general. The free version has no cost beyond using a server, and it's pretty low overhead.
We use Secret Server enterprise-wide as the source for all password administration. It generally (but not always) generates our passwords, so as to maintain password complexity. We use it to securely share passwords between administrators and users. On a personal level, I use it for my personal passwords as well. It keeps them secure, albeit on our corporate hardware.
Pros
Recommends complex passwords.
Interfaces with our Identity Management software to already know users. No extra passwords needed.
Ability to track additional information such as system, resource and even notes on a password.
Cons
The sharing functionality NEEDS improvement. We share most passwords at a group level, but then it becomes impossible to share them with a dynamic group and one or two one-off people as well. This is a major shortcoming.
I don't love the interface. I feel like there is an attempt at a dashboard, but it is really not effective.
I've heard, but never seen, that the software can actually change passwords in the target systems. If this is part of its deliverable, I do not know how to use it, and I don't know how you would do that. Seems like a great feature for password management.
Likelihood to Recommend
I actually really like that we have Secret Server. It is WAAAAY better than anything else we've used. I do feel like in today's age, there should be a better interface, mobile app, etc. I just don't see that with Secret Server. If it exists, we are not using it. In a smaller company, this interface would probably work out ok. If you have hundreds or thousands of users, the sharing feature will leave something to be desired.
VU
Verified User
Employee in Information Technology (1001-5000 employees)
As a distributor, we are using the SecretServer for our demo environment. We are able to share all our logins to websites or servers. In this way, the whole team can use them and work with the product.
Pros
Quick and easy installation.
All features for PAM in one product.
Modern and intuitive UI.
Functions can be extended by license.
Cons
You have to work with it regularly to find the right menu, because of the high functionality.
Likelihood to Recommend
You can easily grant access to external consultants and record every session. High security solution for your most important password. Helps to optimize and automate the password change process.
