ManageEngine Password Manager Pro

Granular access permissions

Audit logging

Audit history

Adding new secrets

Adding new sensitive information

User interface

App based password resets

Windows password recovery

Third-party password sync (SSO)

The interface is a little clunky and dated.

PMP is great for sorting passwords into different groups depending on the category of application access. This makes it easy to find the password that you are looking for.

Application credentials can easily be saved to the clipboard to make it easier to copy and paste them into the appropriate log in screen.

Different types of credentials for the same application can be stored next to each other and are easy to distinguish by the icon next to the name. For example, SSH credentials, web credentials, and local root credentials are all easy to sort under one application group.

PMP can improve on where granular password settings are stored. It difficult in my opinion to locate where the password complexity rules are to be set.

Integration with SSO providers is not as straightforward as some other applications I've used.

Access from a mobile device is far from ideal and makes it difficult to access important credentials when away from a desktop or laptop.

Once we got used to the application specific terminology, the tool is fairly straight forward.

Has all the basic functionality for password management.

Its cost effective. For an enterprise tool, it is the lowest cost.

There is no flexibility in how accounts are grouped.

The implementation of lowest privilege means you cannot use groups for assigning role based security. If you give a team read access, and a limited subset of the team write access, the read access supersedes write.

Some versions have been fragile. There have been times where the server has stopped working and needed a restart daily/weekly. Read the issues resolved in updates. There have been some critical failures in security over the years (i.e. unauthorized access possible by URL manipulation).

Centralized location for passwords

Increased efficiency

Ease of use

Better search features

Keep trace of every password accessed with configurable reports, containing date, authors and actions driven

Segregation of duties per given employee profile to separate a group of passwords accessed

Auto generation of complex password with rules you can define

Periodical regeneration of passwords to be audit compliant

Segregation of resources and passwords through the admin console

High level of database encryption

Light client access through a simple browser / no local storage on pcs even if encrypted

Simplicity to use

Affordable at reasonable price, for both acquisition and maintenance

In some browsers the copy password function does not work well

The search engine sometimes returns blank results (all browsers included: Chrome, IE11)

New upgrades are not visible in the tool itself, like in other third party tools

Simple integration into AD.

Really easy to use interface for end users.

Good management interface and good management reporting.

Reasonable cost per annum for support and updates.

Low maintenance, many tasks automated.

Reliable.

The ability to change non AD passwords is complex and difficult to set up. Maybe this is predictable, but it would be good to have an easier route to make greater use of the product.

Greater account management from the supplier would be appreciated. Being US-based they tend to leave their UK customers to fend for themselves.

Easy password retrieval

Easy to store passwords

Links to AD accounts

NT LAN Manager (NTLM) could be improved

Dashboard is a little dated

No auto upgrade feature