A real passwordless solution, resilient and more than ready to be discovered
What do you like best?
It's the real deal when it comes to passwordless login and the SSO experience is absolutely flawless. The management of permissions, users, and their provisioning, and management of computers and AD is so far flawless. Last but not least, the many redundant login vectors you can use, although felt overkill in the beginning, are absolutely needed since the further you use, the further you discover which way for login you prefer on your PC, browsers, apps, mobile, and the vast variety of ways is important in long-term use. That personalized multiplicity of opened approaches makes the software use a breeze and adjusts to your varying tastes. Last but not least, having the 2FA (Google Authenticator-like) backed-up, and seamlessly available in the browser extension is a feature I discovered I just loved to use. It's 2FA securely done, backed-up and very easily available. Last but not least, THE OFFLINE MODE is an ABSOLUTE MUST HAVE, and a life saver when the internet is not available and you need to unlock your computer. That feature is notably missing from nearly all their competitors and a sine qua non condition to have in my view. I understand NASA, Boeing and VISA are some of their key customers and the thinking that went behind the resilience of the app and its holistic functioning clearly shows. The ability to clone profiles and lock random recovery of accounts, or delay them for admin approvals are also well designed and deployed features in the fields of typical security and recovery hazards other providers sometimes have (getting convenience of recovery ahead of the must-have ability to totally lock-down the recovery of certain highly sensitive profiles of users such as super-admin.)
What do you dislike?
SSO and Enterprise password manager along with any shared password is extremely strong. But oddly enough, the simple password manager supposed to register new passwords as you type them in websites has a surprisingly high miss ratio. Whereby a LastPass is nearly perfect in this regard. Granted it is more designed for enterprise apps and SSO, but since this is the entry-level free version for consumers, that experience would gain to be a little more thorough. It works as advertised, it's just the pick-up rate of new or updated passwords that is lagging behind the constantly nice performance of LastPass in this regard.
YubiKey implementation works well, but it is not linked to the security profile on the mobile app. Although not a deal killer, it duplicates the profiles that have to be maintained for a user whereby supplementing the secure profile on a smartphone with a "triple factor authentication" via YubiKey for certain very mission-critical applications would be my dream scenario.
Lastly, adaptive multi-factor authentication is a new trend. Although SAASPASS has started to implement some "IP geofencing"-like approach, it is not fully featured at all and is still very basic and too early to tell if good or not compared to the Adaptive Auth "full speed ahead" the others are taking. Then again, the way the security is designed centric on the smartphone and non-duplicative nature for hacking purposes, it is already a very strong solution and perhaps adaptive MFA is not that essential. Still, it is the industry trend of competitors and likely feature customers will compare, hence would be good to be developed.
Finally, this is a pet peeve, but very little is customizable in terms of colors on the web portal admin console. Not a deal killer, the layout is perfectly user-friendly, would just like to change the colors (night mode at a minimum...)
Recommendations to others considering the product:
In the SSO space, you will come across PING & OKTA as "must-visit" providers for SSO solutions. They are perfectly fine, the problem is they are the Swiss-knife solution for large corporate environments. But the reality is not everyone is a Fortune 500. SAASPASS will be 100% satisfying for any SMB, but the reality of the product is that it is EXTREMELY well designed, really simple for users, really versatile and really industrial strength. Their current roster of flagship clients (NASA being key) makes it a very reassuring choice as to the extent of the vetting they must have undergone before landing such a client. I understand their offline capabilities were notably key in this regard, and it is really useful in real day-to-day life.
What problems are you solving with the product? What benefits have you realized?
We wanted a real passwordless solution that was going to be cutting edge and holistic from an Active Directory onboarding and real Single Sign-On (SSO), password vaulting and sharing capabilities along with custom apps. All boxes were ticked with great satisfaction. We didn't come for the basic "password manager" features which remain the weakest only when new ones are created.
Surprisingly, we didn't realize however how annoying using Authenticators as 2FA on a smartphone was until we realized how pleasant it was to use it with the SAASPASS browser extension.