LastPass quick infoOur score: 3.4 stars out of 5.
|
In 2022, LastPass skilled two main knowledge breaches that resulted in buyer knowledge being stolen. This knowledge consisted of encrypted fields equivalent to web site usernames and passwords, safe notes and form-filled knowledge, and unencrypted knowledge equivalent to web site URLs.
Whereas LastPass affords an honest password supervisor expertise with its slew of two-factor authentication choices and constant password seize and replay, its current safety incidents forestall us from recommending their service.
Dashlane
Workers per Firm Measurement
Micro (0-49), Small (50-249), Medium (250-999), Massive (1,000-4,999), Enterprise (5,000+)
Micro (0-49 Workers), Small (50-249 Workers), Medium (250-999 Workers), Massive (1,000-4,999 Workers), Enterprise (5,000+ Workers)
Micro, Small, Medium, Massive, Enterprise
Options
Automated Provisioning
Uniqkey – Enterprise Password Supervisor
Workers per Firm Measurement
Micro (0-49), Small (50-249), Medium (250-999), Massive (1,000-4,999), Enterprise (5,000+)
Small (50-249 Workers), Medium (250-999 Workers), Massive (1,000-4,999 Workers), Enterprise (5,000+ Workers)
Small, Medium, Massive, Enterprise
Options
Exercise Monitoring, Automated Provisioning, Dashboard, and extra
Is LastPass protected?
No, LastPass isn’t protected to make use of on account of its unlucky knowledge breaches lately. LastPass skilled two main knowledge breaches that led to each LastPass buyer and firm knowledge being stolen. The primary incident, which occurred in August 2022, concerned a software program engineer’s company laptop computer being compromised.
In response to LastPass, the incident allowed a nasty actor “to achieve entry to a cloud-based improvement surroundings and steal supply code, technical info, and sure LastPass inside system secrets and techniques.” The corporate reiterated that “(n)o buyer knowledge or vault knowledge was taken throughout this incident.”
LastPass disclosed a second breach on November 22, 2022, whereby the info gained within the August 2022 breach was utilized to entry LastPass buyer knowledge. Particularly, the risk actor gained “unauthorized entry to cloud backups” that included “system configuration knowledge, API secrets and techniques, third-party integration secrets and techniques, and encrypted and unencrypted LastPass buyer knowledge.” This buyer knowledge consisted of encrypted fields equivalent to web site usernames and passwords, safe notes, and form-filled knowledge and unencrypted knowledge equivalent to web site URLs.
LastPass has stated that the encrypted knowledge stays safe with 256-bit AES encryption as long as the consumer’s grasp password makes use of their password greatest practices, equivalent to having a 12-character minimal and never reusing the grasp password on different websites. In January 2024, LastPass introduced that the corporate will implement a requirement for all clients to make use of a grasp password with at the least 12 characters. Prior to now, a 12-character grasp password was the default setting, however clients nonetheless had the power to decide on a grasp password with fewer characters. It’s the firm’s hope that efforts equivalent to these will “create stronger and extra resilient encryption keys for accessing and encrypting (buyer) LastPass vault knowledge.”
In Might 2024, LastPass introduced it could separate from earlier dad or mum firm GoTo and can now function as an impartial firm below LMI Mother or father, L.P. The corporate additionally stated it would put money into the institution of a devoted risk intelligence crew, “designed to guard the broader LastPass group by proactively monitoring for, analyzing, and serving to to mitigate potential threats.”
Whereas LastPass continues to implement safety modifications to rebuild public belief, I consider the danger merely isn’t price taking given the corporate’s historical past of breaches.
Simply final March 2025, it’s been reported {that a} $150 million cryptocurrency cyberheist was presumably on account of unhealthy actors using the stolen LastPass vaults in 2022, cracking a consumer’s grasp password, and subsequently utilizing one of many saved passwords to illegally entry a crypto pockets.
For my part, you’re significantly better off utilizing safer password managers like Bitwarden, Dashlane, or Keeper — all three of which have but to be concerned in any form of knowledge breach or hack.
Is LastPass free?
LastPass has a free model, albeit with restricted options. It affords an infinite variety of password storage and comes with one account. In comparison with a premium LastPass subscription, the free tier will solely permit for one system sort. Which means you’ll solely be capable of use LastPass Free on both a pc or a cellular system.
Different limitations embody not having LastPass’ One-to-Many password sharing characteristic, no emergency entry capabilities, and the shortage of superior multi-factor authentication choices equivalent to YubiKey and fingerprint authentication.
If you happen to’re in search of a free model to make use of long-term, I like to recommend attempting out Bitwarden’s free model. It affords the identical limitless variety of password storage as LastPass but in addition permits entry to vaults on an infinite variety of consumer units, in comparison with LastPass’ one-device sort restrict.
LastPass pricing
Like most password managers, LastPass categorizes its pricing into Single Customers & Households and Enterprise clients. Let’s check out the primary group or plans.
| Plan | Free | Premium | Households |
|---|---|---|---|
| Value | Free | $3 per 30 days | $4.00 per 30 days |
| No. of accounts | 1 | 1 | 6 |
| No. of system sorts | 1 (both pc or telephone) | Limitless | Limitless |
| Notable options |
|
|
|
LastPass’ Premium and Households plans are on par with most of its competitors. Its $3 per 30 days Premium plan falls in the course of comparable subscriptions from Dashlane ($4.99 per 30 days) and RoboForm ($1.66 per 30 days).
The story is similar for its Households plan, priced at $4.00 per 30 days, masking six accounts. As of March 2025, it sits in the same value vary with Dashlane’s Mates and Households plan for $7.49 per 30 days that accommodates 10 customers.
If you happen to’re particularly excited by a household plan, Bitwarden’s Households plan at $3.33 per 30 days for six customers is at the moment the very best deal. It covers the identical most of six customers at a extra inexpensive value. It additionally has a very good safety fame as an open-source password supervisor. To study extra, learn our full Bitwarden assessment.
LastPass’ Enterprise plans include LastPass Groups and Enterprise.
| Plan | Groups | Enterprise |
|---|---|---|
| Value | $4.00 per consumer per 30 days | $7.00 per consumer per 30 days |
| Variety of customers | 50 customers or much less | Limitless |
| Notable options |
|
|
LastPass’ Groups plan, at $4.00 per consumer per 30 days, is on the pricier finish. If we evaluate it to 1Password’s Groups Starter Pack, you may cowl 10 customers for $19.95. The identical variety of customers via LastPass Groups would quantity to $40 — an enormous bounce in value. Bitwarden’s Groups Starter plan is comparable, priced at $20 for as much as 10 customers.
LastPass Groups permits as much as 50 customers, which can be useful to smaller groups with greater than 10 members. Nonetheless, it’s essential to reiterate that you just gained’t get the identical stage of safety with LastPass in comparison with different password managers.
LastPass Enterprise is within the center vary by way of comparable plans to the competitors. LastPass Enterprise, at $7 per consumer per 30 days, is in between Bitwarden’s Enterprise plan for $6 per consumer and Dashlane’s $8 per consumer.
LastPass affords a free 30-day trial for its Premium and Households plan and a 14-day trial for its Groups and Enterprise subscription. If you happen to actually wish to attempt LastPass, going for certainly one of these trials is your only option by way of pricing.
Key options of LastPass
Apart from password era, autofill, and multifactor authentication, LastPass features a few fascinating options that make it stand out from the competitors.
Safety Dashboard
LastPass features a password well being characteristic referred to as Safety Dashboard. It offers you a Safety rating that analyzes consumer safety, checks when you have any at-risk passwords, and means that you can handle trusted units.
It additionally includes a darkish internet monitor that checks whether or not a selected e-mail deal with you may have is compromised or is concerned in a knowledge breach at one other firm or service.
I personally like how LastPass bundles each its safety rating and darkish internet monitoring into one web page, giving customers easy accessibility to the 2 complementary instruments in a single place.
One-time passwords
LastPass means that you can create a set of momentary, one-time passwords (OTPs) everytime you wish to entry your vault from a public pc and don’t wish to enter your grasp password.
OTPs will be helpful for individuals who continuously journey and don’t deliver their very own pc or system on a regular basis. These permit customers to entry their vaults remotely with out having to fret about keyloggers or malware stealing their grasp passwords every time they use public WiFi.
Nation restriction
One other travel-friendly characteristic is LastPass’ Nation Restriction toggle. This permits customers to solely permit logins from chosen international locations, including a layer of safety everytime you’re touring or out of the country.
It is a handy set-and-forget characteristic that vacationers can make the most of to guard their passwords from being illegally accessed by malicious third-parties every time they’re overseas.
Take be aware that these nation restrictions will be bypassed should you use a digital personal community (VPN), as VPNs could make it seem that you just’re out of the country or location apart from your individual.
LastPass authentication and safety choices
LastPass comes with a formidable variety of multifactor authentication choices. At no cost customers, there’s LastPass MFA, Google Authenticator, Microsoft Authenticator, Toopher, Duo Safety, and Grid.
In the meantime, Premium customers can arrange a YubiKey USB as their second issue, in addition to fingerprint or good card authentication. LastPass Enterprise customers additionally get entry to Salesforce authentication.
By way of safety choices, LastPass means that you can set trusted units that allow you to skip MFA. Whereas I personally don’t advocate this due to the danger of publicity, it could be handy to show this on should you’re solely accessing your vault from one machine or location. LastPass additionally retains a document of the cellular units with entry to your LastPass account and your location historical past.
LastPass interface and efficiency
I used LastPass’ internet vault for many of my testing, and I discovered the interface to be pretty intuitive. All the things from my vault to extra superior choices or settings like emergency entry and MFA have been positioned the place I anticipated them to be.
Design-wise, I believe LastPass’ interface appears a bit dated in comparison with the competitors. Dashlane and Keeper, for instance, have extra refined UI’s in comparison with LastPass’ plain interface. I additionally discovered navigating via the LastPass interface to be a bit clunky, with some settings taking a bit longer to load in comparison with the competitors.
For efficiency, nevertheless, I encountered zero points with LastPass’ password seize and replay capabilities. Its autofill characteristic was additionally dependable, filling in username and password fields with none hiccups.
I additionally actually preferred how the LastPass vault enables you to launch the actual app related to a given login.
With this, one can theoretically use LastPass as a form of command middle the place you may launch and signal into your most-used apps and companies simply.
Total, whereas I want LastPass had a extra up to date design, it supplied an easy-to-understand consumer expertise.
SEE: 10 Frequent Cybersecurity Threats and Easy methods to Deal with Them (TechRepublic Premium)
LastPass cellular app
The expertise on the LastPass cellular app is kind of the identical as its internet utility. I used LastPass’ Android counterpart on my Google Pixel 6 for this assessment, and it inherits the identical intuitive consumer interface of its internet app.
The expertise on the LastPass cellular app is kind of the identical as its internet utility.
By default, LastPass cellular blacks out screenshots throughout the app — an underrated safety characteristic that stops unhealthy actors from stealing knowledge out of your cellular vault. Fingerprint login on the app additionally labored effectively, and I actually preferred the security measures included within the app, equivalent to an automated lock when the app is idle and account restoration through biometrics.
It inherits the identical older-looking design of the online app, however this implies you aren’t lacking a lot should you solely plan to make use of the cellular app over the online model.
LastPass execs
- A number of authentication choices.
- Intuitive consumer interface.
- Helpful one-time password characteristic.
- Nation restriction performance.
LastPass cons
- Has been concerned in two main knowledge breaches.
- Dated interface design.
- Clunky internet app expertise.
Is LastPass price it?
No, LastPass’ current knowledge breaches forestall us from contemplating it a worthy password supervisor. That is unlucky, as LastPass affords an honest password administration expertise with its intensive MFA choices and dependable password seize and replay.
Nonetheless, these options don’t imply a factor if LastPass can’t reliably maintain your passwords safe and out of unhealthy actors’ arms. At this second, LastPass fails to hit this mark.
By way of options, choices equivalent to Bitwarden and 1Password can present the identical password administration expertise with none historical past of information breaches or compromised knowledge.
LastPass options
Given LastPass’ current safety incidents, I’ve listed three various password managers that haven’t been concerned in breaches and can present extra safety to your knowledge.
| Keeper | Bitwarden | 1Password | |
|---|---|---|---|
| Our score | 4.4 out of 5 | 4.6 out of 5 | 4.3 out of 5 |
| Beginning value (shopper plan) | $2.92 per 30 days | $0.83 per 30 days | $2.99 per 30 days |
| Beginning value (marketing strategy) |
$2 per consumer per 30 days; max of 10 customers | $4 per 30 days per consumer; limitless customers | $2 per 30 days per consumer; max of 10 customers |
| Standout options | Shared crew folders and subfolders; army and medical reductions | Open supply; common and publicly obtainable third-party audits | Properly-designed interface; distinctive journey mode performance |
| Go to Keeper | Go to Bitwarden | Go to 1Password |
Keeper
For bigger companies, Keeper is a superb decide because it affords personalized bundles and curated pricing for enterprise clients. It additionally has a Enterprise Starter subscription for groups of 10 individuals and a Marketing strategy tailor-made in the direction of small-to-medium-sized companies.
To study extra, take a look at our full Keeper assessment.
Bitwarden
If safety is a prime precedence, Bitwarden is among the greatest. It’s open supply, which signifies that its supply code will be reviewed, analyzed, and audited by the general public. It additionally runs on a zero-knowledge structure and implements end-to-end encryption for its password storage.
To study extra, take a look at our full Bitwarden assessment.
1Password
For an all-around expertise, 1Password is a protected guess. It comes with an intuitive and modern-looking consumer interface that’s coupled with high-end encryption to your knowledge. It additionally affords a singular Journey Mode characteristic that may profit customers who usually go overseas for enterprise journeys.
To study extra, take a look at our full 1Password assessment.
Evaluate methodology
My assessment of LastPass concerned an in depth evaluation of its security measures, value, and real-world efficiency. I had hands-on expertise with LastPass via a 30-day trial of its Premium plan.
To check LastPass, I used its internet vault utility and browser extension on my Home windows laptop computer and its cellular app on my Google Pixel 6.
I rated LastPass on all the things from its password administration options to its pricing primarily based on an inside algorithm to get a score of three.4 out of 5 stars. The scoring was primarily based each on LastPass by itself and in relation to different password managers available in the market.
This text was initially printed in December 2023. It was up to date by Luis Millares in March 2025.
========================
AI, IT SOLUTIONS TECHTOKAI.NET