LastPass quick infoOur ranking: 3.4 stars out of 5.
|
In 2022, LastPass skilled two main knowledge breaches that resulted in buyer knowledge being stolen. This knowledge consisted of encrypted fields similar to web site usernames and passwords, safe notes and form-filled knowledge, and unencrypted knowledge similar to web site URLs.
Whereas LastPass provides an honest password supervisor expertise with its slew of two-factor authentication choices and constant password seize and replay, its current safety incidents forestall us from recommending their service.
Is LastPass secure?
No, LastPass isn’t secure to make use of attributable to its unlucky knowledge breaches lately. LastPass skilled two main knowledge breaches that led to each LastPass buyer and firm knowledge being stolen. The primary incident, which occurred in August 2022, concerned a software program engineer’s company laptop computer being compromised.
In keeping with LastPass, the incident allowed a foul actor “to achieve entry to a cloud-based growth setting and steal supply code, technical info, and sure LastPass inside system secrets and techniques.” The corporate reiterated that “[n]o buyer knowledge or vault knowledge was taken throughout this incident.”
LastPass disclosed a second breach on November 22, 2022, whereby the info gained within the August 2022 breach was utilized to entry LastPass buyer knowledge. Specifically, the menace actor gained “unauthorized entry to cloud backups” that included “system configuration knowledge, API secrets and techniques, third-party integration secrets and techniques, and encrypted and unencrypted LastPass buyer knowledge.” This buyer knowledge consisted of encrypted fields similar to web site usernames and passwords, safe notes, and form-filled knowledge and unencrypted knowledge similar to web site URLs.
LastPass has mentioned that the encrypted knowledge stays safe with 256-bit AES encryption as long as the consumer’s grasp password makes use of their password finest practices, similar to having a 12-character minimal and never reusing the grasp password on different websites. In January 2024, LastPass introduced that the corporate will implement a requirement for all prospects to make use of a grasp password with at the very least 12 characters. Up to now, a 12-character grasp password was the default setting, however prospects nonetheless had the flexibility to decide on a grasp password with fewer characters. It’s the firm’s hope that efforts similar to these will “create stronger and extra resilient encryption keys for accessing and encrypting [customer] LastPass vault knowledge.”
In Could 2024, LastPass introduced it will separate from earlier father or mother firm GoTo and can now function as an impartial firm below LMI Mother or father, L.P. The corporate additionally mentioned it is going to put money into the institution of a devoted menace intelligence group, “designed to guard the broader LastPass group by proactively monitoring for, analyzing, and serving to to mitigate potential threats.”
Whereas LastPass continues to implement safety adjustments to rebuild public belief, I imagine the chance merely isn’t price taking given the corporate’s historical past of breaches.
Simply final March 2025, it’s been reported {that a} $150 million cryptocurrency cyberheist was presumably attributable to unhealthy actors using the stolen LastPass vaults in 2022, cracking a consumer’s grasp password, and subsequently utilizing one of many saved passwords to illegally entry a crypto pockets.
For my part, you’re a lot better off utilizing safer password managers like Bitwarden, Dashlane, or Keeper — all three of which have but to be concerned in any type of knowledge breach or hack.
Is LastPass free?
LastPass has a free model, albeit with restricted options. It provides a limiteless variety of password storage and comes with one account. In comparison with a premium LastPass subscription, the free tier will solely enable for one machine sort. Because of this you’ll solely be capable of use LastPass Free on both a pc or a cell machine.
Different limitations embrace not having LastPass’ One-to-Many password sharing function, no emergency entry capabilities, and the dearth of superior multi-factor authentication choices similar to YubiKey and fingerprint authentication.
For those who’re in search of a free model to make use of long-term, I like to recommend attempting out Bitwarden’s free model. It provides the identical limitless variety of password storage as LastPass but additionally permits entry to vaults on a limiteless variety of consumer gadgets, in comparison with LastPass’ one-device sort restrict.
LastPass pricing
Like most password managers, LastPass categorizes its pricing into Single Customers & Households and Enterprise prospects. Let’s check out the primary group or plans.
| Plan | Free | Premium | Households |
|---|---|---|---|
| Value | Free | $3 per 30 days | $4.00 per 30 days |
| No. of accounts | 1 | 1 | 6 |
| No. of machine sorts | 1 (both pc or cellphone) | Limitless | Limitless |
| Notable options |
|
|
|
LastPass’ Premium and Households plans are on par with most of its competitors. Its $3 per 30 days Premium plan falls in the course of comparable subscriptions from Dashlane ($4.99 per 30 days) and RoboForm ($1.66 per 30 days).
The story is identical for its Households plan, priced at $4.00 per 30 days, protecting six accounts. As of March 2025, it sits in an analogous worth vary with Dashlane’s Pals and Households plan for $7.49 per 30 days that accommodates 10 customers.
For those who’re particularly fascinated about a household plan, Bitwarden’s Households plan at $3.33 per 30 days for six customers is at present the most effective deal. It covers the identical most of six customers at a extra reasonably priced worth. It additionally has a superb safety popularity as an open-source password supervisor. To study extra, learn our full Bitwarden evaluate.
LastPass’ Enterprise plans encompass LastPass Groups and Enterprise.
| Plan | Groups | Enterprise |
|---|---|---|
| Value | $4.00 per consumer per 30 days | $7.00 per consumer per 30 days |
| Variety of customers | 50 customers or much less | Limitless |
| Notable options |
|
|
LastPass’ Groups plan, at $4.00 per consumer per 30 days, is on the pricier finish. If we evaluate it to 1Password’s Groups Starter Pack, you’ll be able to cowl 10 customers for $19.95. The identical variety of customers by means of LastPass Groups would quantity to $40 — an enormous bounce in worth. Bitwarden’s Groups Starter plan is analogous, priced at $20 for as much as 10 customers.
LastPass Groups permits as much as 50 customers, which can be useful to smaller groups with greater than 10 members. Nevertheless, it’s necessary to reiterate that you simply gained’t get the identical degree of safety with LastPass in comparison with different password managers.
LastPass Enterprise is within the center vary when it comes to comparable plans to the competitors. LastPass Enterprise, at $7 per consumer per 30 days, is in between Bitwarden’s Enterprise plan for $6 per consumer and Dashlane’s $8 per consumer.
LastPass provides a free 30-day trial for its Premium and Households plan and a 14-day trial for its Groups and Enterprise subscription. For those who actually need to attempt LastPass, going for one in every of these trials is your only option when it comes to pricing.
Key options of LastPass
Other than password technology, autofill, and multifactor authentication, LastPass features a few fascinating options that make it stand out from the competitors.
Safety Dashboard
LastPass features a password well being function referred to as Safety Dashboard. It provides you a Safety rating that analyzes consumer safety, checks you probably have any at-risk passwords, and permits you to handle trusted gadgets.
It additionally contains a darkish internet monitor that checks whether or not a selected e mail handle you might have is compromised or is concerned in a knowledge breach at one other firm or service.
I personally like how LastPass bundles each its safety rating and darkish internet monitoring into one web page, giving customers easy accessibility to the 2 complementary instruments in a single place.
One-time passwords
LastPass permits you to create a set of short-term, one-time passwords (OTPs) everytime you need to entry your vault from a public pc and don’t need to enter your grasp password.
OTPs may be helpful for individuals who steadily journey and don’t convey their very own pc or machine on a regular basis. These enable customers to entry their vaults remotely with out having to fret about keyloggers or malware stealing their grasp passwords each time they use public WiFi.
Nation restriction
One other travel-friendly function is LastPass’ Nation Restriction toggle. This permits customers to solely enable logins from chosen international locations, including a layer of safety everytime you’re touring or in a foreign country.
It is a handy set-and-forget function that vacationers can make the most of to guard their passwords from being illegally accessed by malicious third-parties each time they’re overseas.
Take word that these nation restrictions may be bypassed in case you use a digital non-public community (VPN), as VPNs could make it seem that you simply’re in a foreign country or location apart from your personal.
LastPass authentication and safety choices
LastPass comes with a formidable variety of multifactor authentication choices. At no cost customers, there’s LastPass MFA, Google Authenticator, Microsoft Authenticator, Toopher, Duo Safety, and Grid.
In the meantime, Premium customers can arrange a YubiKey USB as their second issue, in addition to fingerprint or sensible card authentication. LastPass Enterprise customers additionally get entry to Salesforce authentication.
By way of safety choices, LastPass permits you to set trusted gadgets that allow you to skip MFA. Whereas I personally don’t advocate this due to the chance of publicity, it might be handy to show this on in case you’re solely accessing your vault from one machine or location. LastPass additionally retains a document of the cell gadgets with entry to your LastPass account and your location historical past.
LastPass interface and efficiency
I used LastPass’ internet vault for many of my testing, and I discovered the interface to be pretty intuitive. Every part from my vault to extra superior choices or settings like emergency entry and MFA have been positioned the place I anticipated them to be.
Design-wise, I feel LastPass’ interface appears a bit dated in comparison with the competitors. Dashlane and Keeper, for instance, have extra refined UI’s in comparison with LastPass’ plain interface. I additionally discovered navigating by means of the LastPass interface to be a bit clunky, with some settings taking a bit longer to load in comparison with the competitors.
For efficiency, nevertheless, I encountered zero points with LastPass’ password seize and replay capabilities. Its autofill function was additionally dependable, filling in username and password fields with none hiccups.
I additionally actually preferred how the LastPass vault allows you to launch the actual app related to a given login.
With this, one can theoretically use LastPass as a type of command heart the place you’ll be able to launch and signal into your most-used apps and providers simply.
Total, whereas I want LastPass had a extra up to date design, it supplied an easy-to-understand consumer expertise.
SEE: 10 Frequent Cybersecurity Threats and The right way to Deal with Them (TechRepublic Premium)
LastPass cell app
The expertise on the LastPass cell app is kind of the identical as its internet utility. I used LastPass’ Android counterpart on my Google Pixel 6 for this evaluate, and it inherits the identical intuitive consumer interface of its internet app.
The expertise on the LastPass cell app is kind of the identical as its internet utility.
By default, LastPass cell blacks out screenshots throughout the app — an underrated safety function that stops unhealthy actors from stealing knowledge out of your cell vault. Fingerprint login on the app additionally labored effectively, and I actually preferred the safety features included within the app, similar to an computerized lock when the app is idle and account restoration through biometrics.
It inherits the identical older-looking design of the online app, however this implies you aren’t lacking a lot in case you solely plan to make use of the cell app over the online model.
LastPass execs
- A number of authentication choices.
- Intuitive consumer interface.
- Helpful one-time password function.
- Nation restriction performance.
LastPass cons
- Has been concerned in two main knowledge breaches.
- Dated interface design.
- Clunky internet app expertise.
Is LastPass price it?
No, LastPass’ current knowledge breaches forestall us from contemplating it a worthy password supervisor. That is unlucky, as LastPass provides an honest password administration expertise with its intensive MFA choices and dependable password seize and replay.
Nevertheless, these options don’t imply a factor if LastPass can’t reliably hold your passwords safe and out of unhealthy actors’ fingers. At this second, LastPass fails to hit this mark.
By way of options, choices similar to Bitwarden and 1Password can present the identical password administration expertise with none historical past of information breaches or compromised knowledge.
LastPass alternate options
Given LastPass’ current safety incidents, I’ve listed three different password managers that haven’t been concerned in breaches and can present extra safety in your knowledge.
| Keeper | Bitwarden | 1Password | |
|---|---|---|---|
| Our ranking | 4.4 out of 5 | 4.6 out of 5 | 4.3 out of 5 |
| Beginning worth (shopper plan) | $2.92 per 30 days | $0.83 per 30 days | $2.99 per 30 days |
| Beginning worth (marketing strategy) | $2 per consumer per 30 days; max of 10 customers | $4 per 30 days per consumer; limitless customers | $2 per 30 days per consumer; max of 10 customers |
| Standout options | Shared group folders and subfolders; army and medical reductions | Open supply; common and publicly accessible third-party audits | Nicely-designed interface; distinctive journey mode performance |
| Go to Keeper | Go to Bitwarden | Go to 1Password |
Keeper
For bigger companies, Keeper is a good decide because it provides personalized bundles and curated pricing for enterprise prospects. It additionally has a Enterprise Starter subscription for groups of 10 folks and a Marketing strategy tailor-made in direction of small-to-medium-sized companies.
To study extra, try our full Keeper evaluate.
Bitwarden
If safety is a prime precedence, Bitwarden is without doubt one of the finest. It’s open supply, which signifies that its supply code may be reviewed, analyzed, and audited by the general public. It additionally runs on a zero-knowledge structure and implements end-to-end encryption for its password storage.
To study extra, try our full Bitwarden evaluate.
1Password
For an all-around expertise, 1Password is a secure guess. It comes with an intuitive and modern-looking consumer interface that’s coupled with high-end encryption in your knowledge. It additionally provides a singular Journey Mode function that may profit customers who frequently go overseas for enterprise journeys.
To study extra, try our full 1Password evaluate.
Evaluate methodology
My evaluate of LastPass concerned an in depth evaluation of its safety features, worth, and real-world efficiency. I had hands-on expertise with LastPass by means of a 30-day trial of its Premium plan.
To check LastPass, I used its internet vault utility and browser extension on my Home windows laptop computer and its cell app on my Google Pixel 6.
I rated LastPass on every part from its password administration options to its pricing based mostly on an inside algorithm to get a ranking of three.4 out of 5 stars. The scoring was based mostly each on LastPass by itself and in relation to different password managers out there.
This text was initially revealed in December 2023. It was up to date by Luis Millares in March 2025.
