Thycotic Secret Server

Thycotic Secret Server Reviews

Do you work for this company? Learn how we help vendors

Ratings and Reviews
(1-6 of 6)

Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
Review Source
  • Works well with RBAC, workflow for access requests, and approvals for third parties.
  • Allows monitoring and recording of remote sessions.
  • Available for on-premise and cloud.
  • Implementation can take some time to get everything running.
  • Does not actually find all your service accounts.
January 30, 2020

Secret Server

Score 10 out of 10
Vetted Review
Verified User
Review Source
  • Role-Based access. Users only have access to the secrets they need within their department based on their role.
  • Secret Server authenticates with Active Directory for easy connectivity.
  • It can be difficult at times figuring out how to architect a new group within the solution. Often times it takes a couple attempts to get it right.
Robert Paul | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
  • Password Management: Its entire purpose, really. Secret Server stores passwords in an incredibly easy to use way. They can be organized in groups, they contain all the information about the site or system the password is used for (including URLs for websites), and even a notes field. You can set up specific policies for expirations and complexity, and Secret Server can even generate strong passwords for you. Using a password is simple, too, since you can just click a button to add it to your clipboard; you don't even have to unmask the password.
  • Security: The passwords are stored encrypted in a SQL database, and the application requires an authenticated login. This could be local, but we tie it into Active Directory. Each folder of passwords has groups assigned (in our case, again, AD, but you can make them local groups) with different permission levels, so we can compartmentalize passwords. Desktop technicians don't have access to network switch passwords, etc.
  • Easy Setup: It took me about an hour to get the server running, from spinning up the VM to importing our old password list. It took a little longer to organize the passwords into proper folders, and then assigning groups, but it was easy to do.
  • Personal Passwords: Each user also gets a personal folder, where they can keep their own, unshared passwords. This is nice for sites or systems with individualized logins (e.g., a firewall, VPN, etc.)
  • Favorites: Secret Server lets you tag passwords as "favorites" so you can easily find ones you use constantly. The search feature is nice, but this is nicer.
  • Granularity in Security Groups: Groups can be assigned per folder, and different groups can have different permissions, but sometimes there are groups of passwords where only some of them should be visible to some users, and there's no good way to organize that. The best way right now is subfolders, which works, but it can clunky if you have a lot of cases like that.
  • Direct URL Logins: Secret Server has a feature where, if it works, lets you click the resource link in the list, which should take you to the site directly and log you in. However, in the years I've used this, it has never worked. I always get a weird application redirection error.
  • Default Policies: Some of the default expiration/complexity policies are annoying. I recognize that they are trying to meet best practices, but in many cases this is impractical. I end up having to turn off the default policy altogether and do this manually or with my own policy that I can apply later.
Score 5 out of 10
Vetted Review
Verified User
Review Source
  • Recommends complex passwords.
  • Interfaces with our Identity Management software to already know users. No extra passwords needed.
  • Ability to track additional information such as system, resource and even notes on a password.
  • The sharing functionality NEEDS improvement. We share most passwords at a group level, but then it becomes impossible to share them with a dynamic group and one or two one-off people as well. This is a major shortcoming.
  • I don't love the interface. I feel like there is an attempt at a dashboard, but it is really not effective.
  • I've heard, but never seen, that the software can actually change passwords in the target systems. If this is part of its deliverable, I do not know how to use it, and I don't know how you would do that. Seems like a great feature for password management.

Thycotic Secret Server Scorecard Summary

What is Thycotic Secret Server?

Thycotic aims to make powerful Privileged Account Management (PAM) simple. Secret Server helps users detect, control, change and audit privileged accounts across any organization. Secret Server is a full featured PAM solution available both on premise and in the cloud.

Thycotic’s software gives security and IT ops teams the agility to secure and manage all types of privileges, protecting administrator, service, application, and root accounts from cyber attack. The vendor states that unlike traditional, complex PAM solutions, Secret Server works the way users work, starting with a rapid deployment and giving users direct control to customize as they grow.

Secret Server aims to enable organizations to:

Improve Security Posture: Protecting privileged accounts helps businesses tighten their attack surface and build resilience against other causes of disruption

Minimize Complexity & Maintain Productivity - Secret Server is presented as fast to deploy and easy to use, unburdening IT teams.

Experience Enterprise-Class Performance - According to the vendor, Thycotic secures privileged accounts for more than 10,000 organizations worldwide, including Fortune 500 enterprises and is deployed on the largest networks in the world.

Thycotic Secret Server Features

  • Supported: Secure Vault and Password Manager with AD Integration
  • Supported: Discover Local and Active Directory Privileged Accounts
  • Supported: Automatic Password Changing for Network Accounts
  • Supported: Enhanced Auditing & Reporting
  • Supported: Service Account and Dependency Management

Thycotic Secret Server Video

Secret Server’s the only fully featured PAM solution available both on-premise and in the cloud. As cyber threats increase, effective and agile privileged access management, or PAM, has become mission-critical. Secret Server empowers security and IT Teams to secure and manage all types of privileged accounts and offers the fastest time to value. This short video takes you through some of the highlights of Secret Server and show you how easy it is to use.

Thycotic Secret Server Competitors

Thycotic Secret Server Pricing

Thycotic Secret Server Technical Details

Deployment TypesOn-premise, SaaS
Operating SystemsWindows
Mobile ApplicationApple iOS, Android, Windows Phone, Blackberry, Mobile Web

Frequently Asked Questions

What is Thycotic Secret Server?

Secret Server is an enterprise password management application from Thycotic in Washington DC which is available with either a cloud-based or on-premise deployment which emphasizes fast deployment, scalability, and simplicity.

What is Thycotic Secret Server's best feature?

Reviewers rate Support Rating highest, with a score of 6.

Who uses Thycotic Secret Server?

The most common users of Thycotic Secret Server are from Enterprises and the Computer & Network Security industry.