LastPass Review 2024: Other Password Managers Do It Better

LastPass has been the subject of scrutiny over the years with its growing list of hacks and cybersecurity incidents, but has this password manager turned security suite done enough to earn your trust?
3.5
Learn More
On LastPass's website

LastPass
  • Helpful features like family profiles and a password generator
  • Compatible with lots of browsers, OS, and devices
  • Multiple data breaches including November 2022
We may receive compensation from the products and services mentioned in this story, but the opinions are the author's own. Compensation may impact where offers appear. We have not included all available products or offers. Learn more about how we make money and our editorial policies.

Since its introduction in 2008, LastPass has touted itself as a safe and easy way to store passwords and login credentials. Unfortunately, soon after its release, LastPass began suffering security incidents, with the first in 2011. Eight more breaches followed with the two most recent being within months of each other in the latter half of 2022. Still, LastPass insists its customers are now safe and it’s taken measures to prevent further hacks.[1]

As far as the actual service, LastPass has a host of features like a password generator and multifactor authentication which serve as useful tools to anyone looking for increased security online.

The free, individual, business, and family plans all offer convenient ways to store sensitive information that’s easily accessible and supposedly safe. With a manageable price and integrated browser extensions, it’s up to you to decide whether or not this service is right for you. Let’s get into what we found.

In this article
LastPass review at a glance
LastPass features
Our LastPass experience
LastPass privacy policy
Is LastPass safe to use?
LastPass customer service
LastPass compatibility
How much does LastPass cost?
LastPass FAQs
Bottom line: Is LastPass good?

LastPass review at a glance

Price Starts at $3.00/mo (for paid plans)
Free version Yes
Browser extensions Chrome, Firefox, Edge, Safari, Opera
Password sharing Yes — Unlimited on paid plan
Encryption AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes
Two-factor authentication Yes
Password generator Yes
Form filler Yes
Digital legacy Yes
Details Get LastPass
*Data as of 05/24/2023.

LastPass pros and cons

Pros
  • Saves and organizes passwords
  • Compatible with lots of browsers, OS, and devices
  • Helpful features like family profiles and a password generator
Cons
  • Paid plan is required for personal customer support
  • Free plan limited to one device
  • Multiple data breaches including November 2022

LastPass features

Since its humble start as a password manager, LastPass has continued to expand its offerings to provide a number of features aimed at security. For example, the Digital Legacy feature, one that allows you to will your password vault to someone upon your passing, is an especially useful feature as more of our lives move online.

Take a look at some of the other features and what they can offer.

Password sharing

Even though Netflix may be cracking down on password sharing, it doesn’t mean we won’t continue to share. LastPass has thought of this and created a safe and effective way for you to share passwords with friends, family, roommates, or colleagues.

The Sharing Center within the LastPass dashboard allows you to send passwords to anyone while continuing to keep that information encrypted. It’s way better than pasting the Disney+ password into a text to your mom for the 15th time.

Two-factor authentication

Two-factor (2FA) and multifactor authentication (MFA) allow you to add extra layers of security to products that handle some pretty private data. This type of passwordless authentication can supplement the security holes found in password security.

LastPass takes advantage of this technology by using 2FA and allowing you to go deeper by enabling multifactor authentication. LastPass has a proprietary authenticator but also allows for integration of other authenticators, such as biometric logins, which improve the security of 2FA.

Password generator

If you’re an Apple person, you may be familiar with the password generator that comes standard as a part of iOS. LastPass also provides this service with its own proprietary password generator.

When the browser extension is enabled, you can automatically create a secure password directly on a website. These unique combinations make for strong passwords and can help increase your security. LastPass will then save the new password to your vault.

Autofill

The autofill feature in LastPass creates a profile of you with the information you want, like phone number, address, credit card info, and more. You can fill online forms by clicking the browser extension in your toolbar. In addition to this being convenient, it also helps avoid keylogging, which is where everything you type is recorded.

Password strength report

This feature evaluates your passwords, password hygiene, and sharing practices and evaluates your score based on how you use passwords.

For instance, if you use the same password multiple times, your strength score is lowered because there are more chances to breach this password. If you use unique, complex passwords for all your accounts, you’ll end up with a high rating.

Additionally, you’ll need to continue to monitor LastPass as it scans the web for data breaches. If your password appears in a breach, it’ll lower your score and suggest you change the password.

Digital legacy

Digital legacy is a uniquely 21st-century problem. What do you do with a person’s online accounts when they pass away?

LastPass allows you to name heirs who are granted access to your vault in the event of your passing. This can help families or loved ones who are trying to access bank accounts, medical information, emails, and other services.

Bonus features

Additional bonus features offered by LastPass for business and family accounts are:

  • Emergency access: Grants someone emergency access in case of a forgotten password. You can also grant temporary access or update specific folder permissions to share the passwords within and skip sharing your master password.
  • Dark web monitoring: Tracks your email on the dark web for breaches and hacks.
  • Security dashboard and score: Lets you know how secure your LastPass and other accounts are across the web.
  • 1 GB encrypted file storage: Whether you share files between loved ones or coworkers or just need a secure place to stash the file, the option is available.

Our LastPass password manager experience

One positive aspect of LastPass is the ability to just use it as a basic password manager. If you aren’t interested in all the bells and whistles of the features, you can install LastPass with a few clicks and let it do its thing.

Once you enable the LastPass browser extension, it’s easy to navigate all over the web without having to worry about your passwords.

The LastPass browser extension makes it easy to log in to your online accounts.

We easily navigated through the dashboard to find all of our saved passwords. They were organized in neat folders. Since we’re using a business version, we were able to see not only our own personal passwords but also the ones shared with coworkers.

LastPass lets you organize your passwords and account into into folders.

You can also add secure notes to each saved password as well as require extra security steps, such as your master password, to log into certain accounts. This is especially helpful for banking and financial accounts since it adds an additional layer of protection.

As an added bonus, LastPass includes a security dashboard in the menu options on the left. This gave us a brief overview of the security issues we may face given our settings. Since we were already signed into the dark web monitoring, we decided to try turning on multifactor authentication.

The Security Dashboard in LastPass shows you ways you can improve your account security.

A glitch we found when using LastPass on our MacBook was that links didn’t open when we clicked. At first, we thought the links for the multifactor authentication were broken. Since this is an app, however, we didn’t expect them to open within the app itself.

When the links didn’t redirect back to our Safari browser, however, we wondered if they worked on Mac at all.

LastPass didn't want to open links on our Mac or with Safari.

It didn’t matter how much we clicked that “Enroll” button, nothing showed up. Then we went back to our Safari browser and there were as many tabs open as times we clicked.

This little glitch isn’t a deal breaker, but there’s probably an easier way for LastPass to handle activating this authenticator. In the end, we had to move between our LastPass dashboard and our web browser manually.

One thing to note, we haven’t run into this issue while using LastPass Premium on our iPhone, although we do often need to open our LastPass vault in order to copy account passwords when logging into iOS apps.

Otherwise, LastPass was pretty user-friendly. We did appreciate being able to use another password generator other than our proprietary Apple generator. We also appreciated the ability to add identities, which allows you to create clusters of information, like websites and notes for certain passwords, all grouped together. This is useful if you want to keep all your financial information like banking, trading, and crypto in one easy place.

LastPass is user-friendly and allows you to manage your account settings within the dashboard.

Overall, LastPass isn’t difficult or confusing to use. You can store passwords, increase your security, monitor your dark web presence, and organize passwords and notes in an orderly fashion. The product itself is actually very useful. Unfortunately, LastPass is still battling hacking and privacy issues.

LastPass privacy policy

Since LastPass has such a robust free product offering, it’s more than likely the company is selling data to recoup profits lost. After reading the U.S. privacy policy listed on the website, it's pretty clear that’s exactly what’s happening. LastPass is even using aggregated data from other parts of the web to create a clearer picture of you for marketing purposes.

The LastPass privacy policy raised some red flags about data collection.

The last sentence of the first paragraph, item (k), on page three of the policy states:

“To the extent permitted by law, we may also combine, correct, and enrich personal data we receive from you with data about you from other sources, including publicly available databases or from third parties to update, expand, and analyze our records, identify new prospects for marketing, and provide products and Services that may be of interest to you.”

There are several red flags in that statement. Identifying “new prospects for marketing” means selling your data to marketers. It’s also concerning that LastPass notes it can “correct and enrich personal data” you provide along with data it collects from outside sources. Why would a password manager need to “correct and enrich” your personal data? Why wouldn’t it just store your passwords and leave the rest of your identity alone?

These are the types of questions you should ask when looking at a product to which you give so much information. Since you’re sharing personal, financial, health, and other login details with LastPass, selling that information seems counterintuitive to the purpose of its service — keeping your data secure.

LastPass third-party audits

LastPass claims a significant amount of security certificates and advertises its Bug Bounty program in an effort to show customers how dedicated it is to security.

The most recent third-party security certificate was issued in July 2022, directly before the major hacks that stole source code and encrypted password vaults from LastPass’ servers.

Is LastPass safe to use?

Honestly, probably not. LastPass suffered two major security incidents in 2022 that left customers’ data exposed, with the November breach including encrypted password vaults. As there’s been very little additional data provided by LastPass in the months following the hack, it’s unknown how far-reaching the effect of this will be on customers.

The previous cybersecurity incident in August 2022 saw hackers getting away with some of LastPass’ source code.[2] Source code is the foundational structure, the DNA, of any software. Like DNA, if you alter part of it, you can alter the entire entity.

This means that portions of LastPass could have been altered in the November 2022 hack that haven’t even come to light yet. With competitors like Keeper and 1Password having never been hacked, it’s probably safer to go with one of those services while LastPass sorts itself out.

It’s worth noting that if you are a LastPass customer, changing your passwords may not be enough to protect your accounts. You should enable multifactor authentication and update your privacy settings to keep accounts safe.

LastPass customer service

The least helpful aspect of LastPass is its customer service.

While you have to be subscribed to a paid tier like Premium or Family to access personal customer service, you’re still encouraged to sort through the self-help section before reaching out to the call center. Like most self-help sections of technical sites, finding answers to more obscure questions can be time-consuming and frustrating.

LastPass notes it’s receiving larger than normal call volume. The notice on the support page goes on to encourage you to search for your support topic in the self-help section. As you may have guessed, you’ll only get general suggestions on the self-help pages instead of direct answers to your questions. If you’re looking for a solution to a less common issue, you may find yourself searching for a while.

It would be nice to see LastPass add a chatbot that links to a live person if you can’t find what you’re looking for in self-help. This could reduce the call volume and also assist customers in finding faster answers to questions. Unfortunately, that doesn’t look like it’s in the works, but we can dream, right?

LastPass's customer service and self-help pages aren't very helpful at all.

LastPass compatibility

LastPass claims compatibility with a myriad of browsers, mobile devices, and operating systems. For web browsers in general, the two most recent versions work with LastPass. Anything older than that, and you’ll need to update your browser.

Keep in mind that free users are also limited to one device, so be sure to install it on a device that you use to log in to your accounts most often.

Operating systems and mobile apps

  • Android OS 9 or later
  • iOS 14.0 or later for the password vault app
  • iOS 15.0 or later for the authenticator app
  • Windows 8.0 or later
  • macOS — two most recent versions and a 64-bit processor is required
  • Linux
  • Chrome OS

Browsers

  • Google Chrome
  • Mozilla Firefox
  • Microsoft Edge
  • Safari
  • Opera

How much does LastPass cost?

The free version of LastPass comes with a surprising number of useful features like autofill capabilities and a password generator. This is great for anyone who doesn’t need to share their passwords with anyone else or use them across multiple devices.

If you do need a little more from LastPass, paid plans come with enhanced features like phone support and emergency access for family members who may have forgotten their password.

LastPass plan comparison

Plan LastPass Free LastPass Premium LastPass Families
Price Free $3.00/mo $4.00/mo
Number of users 1 1 6
Number of devices 1 Unlimited Unlimited
Password vault
Autofill
Password generator
Two-factor authentication
Encrypted storage
Data breach alerts
Digital legacy
Security dashboard
Dark web monitoring
Emergency access
Details View Plans View Plans View Plans
Prices as of 05/24/2023.

LastPass prices are on par with Keeper and 1Password. All three services charge annually but like to advertise the products by what the annual price equates to monthly. For a truly transparent view of each of these, please look at the cost breakdown we’ve included:

  • Keeper: $35 per year
  • 1Password: $35.88 per year
  • LastPass: $36 per year

LastPass costs less than Dashlane's personal plans, but other password managers like NordPass and Bitwarden are cheaper.

It is worth noting that Keeper, 1Password, Dashlane, NordPass, and Bitwarden haven't been breached, while LastPass has suffered several security breaches.

LastPass has a limited free version as well as a 30-day free trial for paid plans.

LastPass FAQs


+

Is LastPass trustworthy?

LastPass’ trustworthiness has come into question with two back-to-back breaches in August and November of 2022. All customers are urged to change their passwords immediately and enable multifactor authentication on all accounts. Competitors Keeper and 1Password both boast similar levels of security without data breaches or being hacked.


+

What are the disadvantages of LastPass?

LastPass has encountered more security breaches than we’d like to see from a security provider. It also can become glitchy on devices like Apple Watches or with macOS updates.


+

What was the controversy with LastPass?

LastPass has been involved in multiple data breaches with the last one being revealed in November 2022. LastPass shared details of the latest breach plus information collected in previous breaches in a blogpost on its site.

Significant amounts of customer data were obtained in the most recent breach, and all LastPass customers are encouraged to change all passwords stored on the site.


+

What’s better than LastPass?

Both Keeper and 1Password are top alternatives to LastPass. As of the date of publishing, neither service has suffered a hack or data breach.

While Google has a proprietary password manager built into Chrome, Google’s password manager isn’t safe enough to trust all your data to the service. A third-party service like the two we’ve mentioned will add another layer of security.


+

Did LastPass get hacked in 2022?

Yes, LastPass was hacked in August 2022, and that information was used to perform another, more expansive breach in November 2022. Among the data stolen were customers’ encrypted vaults and source code from LastPass itself.


+

Is LastPass a Chinese company?

No, LastPass is based in Fairfax Virginia. It was originally owned by LogMeIn, now called GoTo, which is based in Boston, Massachusetts. LastPass became a standalone company in 2021.

Bottom line: Is LastPass good?

Even if we could be 100% sure that LastPass fixed its security flaws and we knew changing our passwords in our vaults would keep our accounts safe, LastPass has suffered too many security incidents to feel like a good product.

The fact that the first security breach of 2022 happened a month after LastPass received its third-party audited security certificate is worrying. On top of that, the dicey privacy policy and aggregated collection of data feels out of place for a security-focused company.

That isn’t to say you shouldn’t use a password manager. They help keep everything organized so you don’t lose your passwords. If they contain features like a password generator, like LastPass does, then you have additional security with strong, unique passwords suggested and saved for you.

Password managers like Keeper and 1Password claim no security incidents and provide the same services as LastPass. It might be better to look at one of those.

3.5
Learn More
On LastPass's website

LastPass
  • Helpful features like family profiles and a password generator
  • Compatible with lots of browsers, OS, and devices
  • Multiple data breaches including November 2022
Author Details
Mary lives in Los Angeles and has been a cybersecurity writer for over five years. With a B.S. in Liberal Arts from Clarion University and an M.F.A. in Creative Writing from Point Park University in Pittsburgh, her career in online security began in sales and content creation for a private cybersecurity firm.

Citations

[1] Notice of Recent Security Incident

[2] LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen