TrustRadius: an HG Insights company

Delinea Secret Server

Score: 9 out of 10

41 Reviews and Ratings

What is Delinea Secret Server?

Secret Server (originally from Thycotic, now from Delinea since the 2021 Thycotic merger with Centrify) is an enterprise password management application, available as either a cloud-based or on-premise deployment, that emphasizes fast deployment, scalability, and simplicity.

Enterprise level access management.

Use Cases and Deployment Scope

We use it to store secrets (passwords) for websites and applications. Secrets for production access can also be checked out in approved time windows, meaning you can schedule the access ahead of time. This is a great way to manage and approve this type of privileged access. Secrets can be individual or shared within a team.

Pros

  • Store and access secrets (passwords) securely.
  • Manage access to secrets and servers.
  • Autofill secrets via browser plugin.

Cons

  • Personally I would prefer an app instead of a website.
  • Can be too many options. Sometimes I just want to add a secret quickly.
  • Can be slow to adopt until you get used to how it works.

Most Important Features

  • Secure secret (password) vault.
  • Management of access to servers.
  • Autofill secrets on websites.

Return on Investment

  • Scheduled access in advance reduces last-minute calls/emails.
  • Less reliance on browser password storage which is not secure.
  • Adoption can be slow.

Alternatives Considered

KeePass

Other Software Used

KeePass, Veracode, Azure DevOps Server (formerly Team Foundation Server)

Delinea - Way ahead for managing your infrastructure passwords.

Use Cases and Deployment Scope

We have built an integrated solution comprising a Monitoring tool, a Service management tool, and a PAM tool, namely Delinea, for our product offering to provide an observability solution. Delinea is used for onboarding all CIs to have a secure channel to access from our support teams. It serves the purpose of maintaining the user credentials in a secure console and has an audit trail for all accesses made to the customer infrastructure. At any point in time, we can also identify when somebody has made changes to the infrastructure.

Pros

  • Remote connection to infrastructures.
  • Maintaining an audit of remote connections.
  • Video snapshot of activities done on the infrastructure.

Cons

  • Individual login credentials can be used for infrastructure connection.
  • Better integration with the ITSM solution to validate the incident or ticket numbers.
  • Server onboarding is a bit manual. Need better ways to onboard.

Return on Investment

  • Audit trail is highly appreciated.
  • Validated remote connectivity has provided peace of mind and helped reduce unwanted connections to the infrastructure, thereby avoiding outages and ultimately saving ROI.
  • Credentials testing and validation have reduced the number of outages as well as maintenance.

Alternatives Considered

JumpCloud and ManageEngine Password Manager Pro

Other Software Used

ManageEngine Password Manager Pro, JumpCloud

Great PAM for Enterprise solutions

Use Cases and Deployment Scope

It allows us to have a password repository, as well as give out access to the password repository on a role-based scenario. We are able to give different business units different access based on the type of password and what the password is used for. It also gives us the ability for those different business units to create their own passwords without having to put in a ticket for access.

Pros

  • ease of use
  • secure
  • compartmentalized

Cons

  • the layout can be a little clunky

Return on Investment

  • Improved productivity

Keeping Secure with Secret Server

Pros

  • Centralized password repository
  • Ability to rotate passwords

Cons

  • The Secret Server mobile app is terrible!
  • HTTPS isn't supported as a proxy

Most Important Features

  • Password management
  • Rotating local passwords for several different platforms
  • RDP and SSH ability from the secret

Return on Investment

  • Keeping us compliant with password rotation
  • Keeping us more secure

Other Software Used

Asana, Duo / Cisco Secure Access, by Duo, Zscaler Internet Access

Secret Server is the secret everyone needs to know about

Pros

  • Password Management: Its entire purpose, really. Secret Server stores passwords in an incredibly easy to use way. They can be organized in groups, they contain all the information about the site or system the password is used for (including URLs for websites), and even a notes field. You can set up specific policies for expirations and complexity, and Secret Server can even generate strong passwords for you. Using a password is simple, too, since you can just click a button to add it to your clipboard; you don't even have to unmask the password.
  • Security: The passwords are stored encrypted in a SQL database, and the application requires an authenticated login. This could be local, but we tie it into Active Directory. Each folder of passwords has groups assigned (in our case, again, AD, but you can make them local groups) with different permission levels, so we can compartmentalize passwords. Desktop technicians don't have access to network switch passwords, etc.
  • Easy Setup: It took me about an hour to get the server running, from spinning up the VM to importing our old password list. It took a little longer to organize the passwords into proper folders, and then assigning groups, but it was easy to do.
  • Personal Passwords: Each user also gets a personal folder, where they can keep their own, unshared passwords. This is nice for sites or systems with individualized logins (e.g., a firewall, VPN, etc.)
  • Favorites: Secret Server lets you tag passwords as "favorites" so you can easily find ones you use constantly. The search feature is nice, but this is nicer.

Cons

  • Granularity in Security Groups: Groups can be assigned per folder, and different groups can have different permissions, but sometimes there are groups of passwords where only some of them should be visible to some users, and there's no good way to organize that. The best way right now is subfolders, which works, but it can be clunky if you have a lot of cases like that.
  • Direct URL Logins: Secret Server has a feature that, if it works, lets you click the resource link in the list, which should take you to the site directly and log you in. However, in the years I've used this, it has never worked. I always get a weird application redirection error.
  • Default Policies: Some of the default expiration/complexity policies are annoying. I recognize that they are trying to meet best practices, but in many cases this is impractical. I end up having to turn off the default policy altogether and do this manually or with my own policy that I can apply later.

Return on Investment

  • The best return on investment is that all of our passwords are now up to date and usable by everyone in the department. The old way could only be accessed by one person at a time, and it was frequently wrong.
  • We save a lot of time in IT by having the passwords easily accessible. We also meet our security audit objectives by using this app instead of, say, an Excel spreadsheet or an old application that is no longer supported, as was the case at a previous workplace.
  • With the size of our department, we don't have enough passwords to go beyond the free version. It's fully functional, but it costs nothing (except some resources on a VM). ROI on free can't be beat.

Alternatives Considered

KeePass

Other Software Used

Duo Security, Veeam Backup & Replication, Site24x7