Hypersocket - The hype is on point!
May 02, 2018

Hypersocket - The hype is on point!

Craig Lockley | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User

Overall Satisfaction with Hypersocket

Hypersocket by NervePoint was used to provide a self-serve password reset functionality for our end users in hopes of limiting the time and resources required to complete the task by the IT Department. The functionality was simple and intuitive for some, but complex for non-computer savvy people. The lack of help-desk functionality still limited much of the assistance with resetting security question & answers to just the IT Department, which became an equal task to manage as it would have been to just manage an active directory password reset.

Multi-factor authentication integration is reliable but the use case scenarios of our business need limited its usability.
  • Centralized identity management was a key feature for an on-premise password manager especially now that many systems are segregated, regardless of how integrated an ecosystem may be with Secure LDAP, Single Sign-on or multi-app software (for example, Atlassian Suite). There are many that are free but becomes a task to manage. Hands down, the best feature.
  • Mobile functionality was also key, it allowed remote users to access self-service functionality or manage their passwords through their mobile device which extended their ability to work if a workstation became unavailable, at a meeting, while also implementing into the DRP and BCP.
  • Self-Service password management meets the standards, especially with a self-hosted solution. Cloud-based solutions are equally as susceptible to attacks as an on-premise solution and most stakeholders prefer the latter.
  • Help-Desk functionality similar to OneIdentity Self-Service Password Manager, as it provides additional users that do not require administrative access to assist with managing end-users who may have locked themselves out of HyperSocket Access Manager by forgetting their own security questions.
  • Too many features which become unusable and feel like the payment plans are not flexible since it's an all-in-one product with one price. It is not necessarily a bad thing as most subscription-based pricing forces a buyer to pay more for an integral service that is only available on the highest price-plan. You really do get what you pay for, but we found many of our use-case scenarios limited the product.
  • This isn't necessarily against the product, just a personal opinion around Multi-Factor authentication which is always primarily driven mobile devices. Not all companies or end-users have access to a multi-factor device, (or in our case, are allowed to have access to a cell phone while servicing members/clients). This creates a shortfall to allow multi-factor functionality to extend to all users unless there are hardware tokens, which can be miss placed or left out more easily as most users don't treat it the same way they would their personal smartphone.
  • As with any IT Service or Solution, the investment will always be seen as a sunk cost. The only ROI would be the time and resources spent elsewhere rather than with Password Management through an IT Department or similar department. I found that the time spent on password management was about the same, as many users who are frequently forgetting a password are also forgetting their security question & answers.
  • There are some positives, as it was able to help manage the bulk of their non-windows passwords or passwords related to another online service. The centralized password manager doesn't feel like a true single sign-on but for most users, it replaces a hand-written copy they have taped to a monitor.
  • It can help with automating some of the active directory workflows with its own user provisioning functionality. Took more time to set up than it was to manage on its own.
One Identity is a great self-service password management system, however, it is limited to just that. As it stacks against the competition, Hypersocket isn't modular, it's an all-in-one which most other systems aren't.
One Identity is what we use today for self-service, and migrated to KeePass for users centralized password manager. This probably wasn't the best move but this was all driven by cost and budgetary constraints.
HyperSocket is very well suited if the resources and budget are made available. There is not much a learning curve for the IT Department or for those users already familiar with two-factor authentication. There will be some education and training requirements for most end-users as the notifications and general verbiage can be confusing for some. It may also show some exploits within some end-users who are unaware of a notification but will use the email to reset an expired password without thinking twice if it may have been a phishing email or the opposite where an end-user deletes or ignores the expiration email notification expecting it to be spam/phishing.