Essential to every enterprise, as well as individuals
Overall Satisfaction with LastPass
We implemented LastPass a few years ago as we had a massive gap with passwords. We use a lot of shared accounts for various vendors and suppliers and the accounts were constantly being locked out. We now use shared vaults, backed by AD sync and groups to automatically provision the correct access to the right teams.
It has also reduced our password resets on individual accounts dramatically and increased our security on enforcing stronger passwords, pushing new accounts into vaults as opposed to emailing them around the place and stopping people writing passwords down in books and on sticky notes.
It has also reduced our password resets on individual accounts dramatically and increased our security on enforcing stronger passwords, pushing new accounts into vaults as opposed to emailing them around the place and stopping people writing passwords down in books and on sticky notes.
Pros
- Password Autofill - Since our users no longer need to know what their password actually is now, we can enforce strong, long passwords.
- AD Sync - Makes life as an admin so much easier. We have set up a process when provisioning users into AD that once they have their departmental group it will automatically provision them the required vaults for their job roles.
- Push Sites to Users - This feature is invaluable. When we create new user accounts, we simply use a CSV file to push the account details into the user's vaults. No need to email or print welcome emails full of passwords.
Cons
- Roles - The roles are relatively new and the idea behind them is good. The only thing that I want to be able to do is give the admins of other systems access to use the push sites to users feature. That way when non-IT people are creating accounts for other systems they can push the accounts in without sending to IT to do.
- Pricing - We have had massive pricing increases each year since we brought it in. They say it is because they have implemented so many new features, which is fair enough except we don't use many if any of the new features. If they could bring in a modular pricing model so we can pay for the base system and then purchase any required add-ons we use, that would be much more beneficial for us. We nearly had to scrap the system this renewal simply because the price had quite literally tripled since the first invoice.
- Update Username - I came across an issue with our environment as we have multiple email domains that when a user moved departments and their domain changed in AD, it would break the LastPass connection between them. It must identify on an email level as opposed to some kind of GUID. When we wanted to update the usernames of everyone to a generic domain to mitigate this problem. We had to do it manually with each user as there was no way to do it from the console.
- Efficiency - When talking about ROI on LastPass, there isn't a real monetary return on it. It is more about efficiencies gained in terms of not hunting around for passwords or locking out accounts and quickly being able to log into all your systems with ease.
- Security - Long complex passwords, hidden from users so they can simply log in and use them. They don't even know what the password is, so when someone leaves the company we don't have to change shared passwords every time.
- Sharing - Having the ability to give the required people the required passwords without having to physically share it on a piece of paper or shared Word doc means our new users can get on their feet immediately with everything they require already sitting in their vault ready for use. When a password is updated in one of our systems, our team leaders can update them in the share and nobody needs to worry about updating it in their own vaults.
We trialed this product when coming up for our renewal this year. At first, we thought it looked very nice and had some great visual appeal. That was about where it ended for us though. It had a clunky application that needed to be installed as opposed to just a nice browser extension. The sharing was convoluted and awkward and it offered very little in the way of policies. It might be good for an individual user, but as an enterprise, we needed much more out of our password management system.
Comments
Please log in to join the conversation