LastPass quick informationOur ranking: 3.4 stars out of 5.
|
In 2022, LastPass skilled two main information breaches that resulted in buyer information being stolen. This information consisted of encrypted fields akin to web site usernames and passwords, safe notes and form-filled information, and unencrypted information akin to web site URLs.
Whereas LastPass provides an honest password supervisor expertise with its slew of two-factor authentication choices and constant password seize and replay, its latest safety incidents stop us from recommending their service.
Dashlane
Staff per Firm Measurement
Micro (0-49), Small (50-249), Medium (250-999), Giant (1,000-4,999), Enterprise (5,000+)
Micro (0-49 Staff), Medium (250-999 Staff), Enterprise (5,000+ Staff), Giant (1,000-4,999 Staff), Small (50-249 Staff)
Micro, Medium, Enterprise, Giant, Small
Options
Automated Provisioning
ManageEngine ADSelfService Plus
Staff per Firm Measurement
Micro (0-49), Small (50-249), Medium (250-999), Giant (1,000-4,999), Enterprise (5,000+)
Any Firm Measurement
Any Firm Measurement
Options
Entry Administration, Compliance Administration, Credential Administration, and extra
Is LastPass secure?
Due to the newest information breaches, I wouldn’t say LastPass is secure to make use of. In 2022, LastPass skilled two main information breaches that led to each LastPass buyer and firm information being stolen. The primary incident, which occurred in August 2022, concerned a software program engineer’s company laptop computer being compromised.
In keeping with LastPass, the incident allowed a nasty actor “to gain access to a cloud-based development environment and steal source code, technical information, and certain LastPass internal system secrets.” The corporate reiterated that “[n]o customer data or vault data was taken during this incident.”
SEE: Find out how to Run a Cybersecurity Threat Evaluation in 5 Steps (TechRepublic Premium)
Sadly, LastPass disclosed a second breach on November 22, 2022, whereby the information gained within the August 2022 breach was utilized to entry LastPass buyer information. Particularly, the menace actor gained “unauthorized access to cloud backups” that included “system configuration data, API secrets, third-party integration secrets, and encrypted and unencrypted LastPass customer data.” This buyer information consisted of encrypted fields akin to web site usernames and passwords, safe notes, and form-filled information and unencrypted information akin to web site URLs.
LastPass has stated that the encrypted information stays safe with 256-bit AES encryption as long as the consumer’s grasp password makes use of their password finest practices, akin to having a 12-character minimal and never reusing the grasp password on different websites. In January 2024, LastPass introduced that the corporate will implement a requirement for all prospects to make use of a grasp password with a minimum of 12 characters. Previously, a 12-character grasp password was the default setting, however prospects nonetheless had the flexibility to decide on a grasp password with fewer characters. It’s the firm’s hope that efforts akin to these will “create stronger and more resilient encryption keys for accessing and encrypting [customer] LastPass vault data.”
In Could 2024, LastPass introduced it will separate from earlier mum or dad firm GoTo and can now function as an unbiased firm beneath LMI Father or mother, L.P. The corporate additionally stated it can spend money on the institution of a devoted menace intelligence group, “designed to protect the broader LastPass community by proactively monitoring for, analyzing, and helping to mitigate potential threats.”
SEE: LastPass Free vs Premium: Which Plan Is Proper for You? (TechRepublic)
Whereas LastPass continues to implement safety adjustments in an effort to rebuild public belief, I imagine the chance merely isn’t price taking given the corporate’s tumultuous historical past of breaches. Other than the 2022 breaches, LastPass has had safety incidents since 2011. There’s even been a report linking the stolen LastPass accounts from November 2022 to a string of cryptocurrency heists.
You is likely to be higher off utilizing safer password managers, akin to Dashlane or Keeper, as each firms have but to report information breaches.
Is LastPass free?
LastPass has a free model, albeit with restricted options. It provides a limiteless variety of password storage and comes with one account. In comparison with a premium LastPass subscription, the free tier will solely enable for one gadget sort. Which means you’ll solely be capable of use LastPass Free on both a pc or a cell gadget.
Different limitations embrace not having LastPass’ One-to-Many password sharing function, no emergency entry capabilities, and the shortage of superior multi-factor authentication choices akin to YubiKey and fingerprint authentication.
SEE: Find out how to Use LastPass Password Supervisor (TechRepublic)
In case you’re in search of a free model to make use of long-term, I like to recommend attempting out Bitwarden’s free model. It provides the identical limitless variety of password storage as LastPass but additionally permits entry to vaults on a limiteless variety of consumer units, in comparison with LastPass’ one-device sort restrict.
For these curious to study extra about password managers, how they work, and the way they may profit you, take a look at our Password Managers 101 video function.
LastPass pricing
Like most password managers, LastPass categorizes its pricing into Single Customers & Households and Enterprise prospects. Let’s check out the primary group or plans.
| Plan | Free | Premium | Households |
|---|---|---|---|
| Value | Free | $3 per thirty days | $4.00 per thirty days |
| No. of accounts | 1 | 1 | 6 |
| No. of gadget varieties | 1 (both pc or cellphone) | Limitless | Limitless |
| Notable options |
|
|
|
LastPass’ Premium and Households plans are on par with most of its competitors. Its $3 per thirty days Premium plan falls in the course of related subscriptions from Dashlane ($4.99 per thirty days) and RoboForm ($1.99 per thirty days).
The story is identical for its Households plan, priced at $4.00 per thirty days, overlaying six accounts. As of August 2024, it sits in an analogous worth vary with Dashlane’s Buddies and Households plan for $7.99 per thirty days that accommodates 10 customers.
SEE: The 6 Finest LastPass Alternate options for 2024 (TechRepublic)
In case you’re particularly inquisitive about a household plan, Bitwarden’s Households plan at $3.33 per thirty days for six customers is at present the very best deal. It covers the identical most of six customers at a extra inexpensive worth. It additionally has an excellent safety popularity as an open-source password supervisor. To study extra, learn our full Bitwarden overview.
LastPass’ Enterprise plans encompass LastPass Groups and Enterprise.
| Plan | Groups | Enterprise |
|---|---|---|
| Value | $4.00 per consumer per thirty days | $7.00 per consumer per thirty days |
| Variety of customers | 50 customers or much less | Limitless |
| Notable options |
|
|
LastPass’ Groups plan, at $4.00 per consumer per thirty days, is on the pricier finish. If we examine it to 1Password’s Groups Starter Pack, you may cowl 10 customers for $19.95. The identical variety of customers via LastPass Groups would quantity to $40 — a giant soar in worth. Bitwarden’s Groups Starter plan is comparable, priced at $20 for as much as 10 customers.
LastPass Groups permits as much as 50 customers, which can be useful to smaller groups with greater than 10 members. Nevertheless, it’s vital to reiterate that you just gained’t get the identical degree of safety with LastPass in comparison with different password managers.
SEE: Keeper vs LastPass (2024): Which Password Supervisor Is Higher for Your Enterprise? (TechRepublic)
LastPass Enterprise is within the center vary by way of comparable plans to the competitors. LastPass Enterprise, at $7 per consumer per thirty days, is in between Bitwarden’s Enterprise plan for $6 per consumer and Dashlane’s $8 per consumer.
LastPass provides a free 30-day trial for its Premium and Households plan and a 14-day trial for its Groups and Enterprise subscription. In case you actually wish to strive LastPass, going for considered one of these trials is your best choice by way of pricing.
Key options of LastPass
Other than password technology, autofill, and multifactor authentication, LastPass features a few attention-grabbing options that make it stand out from the competitors.
One-time passwords
LastPass lets you create a set of non permanent, one-time passwords (OTPs) everytime you wish to entry your vault from a public pc and don’t wish to enter your grasp password.
OTPs may be helpful for individuals who regularly journey and don’t carry their very own pc or gadget on a regular basis. These enable customers to entry their vaults remotely with out having to fret about keyloggers or malware stealing their grasp passwords each time they use public WiFi.
Nation restriction
One other travel-friendly function is LastPass’ Nation Restriction toggle. This enables customers to solely enable logins from chosen international locations, including a layer of safety everytime you’re touring or abroad.
It is a handy set-and-forget function that vacationers can make the most of to guard their passwords from being illegally accessed by malicious third-parties each time they’re overseas.
Take word that these nation restrictions may be bypassed should you use a digital personal community (VPN), as VPNs could make it seem that you just’re abroad or location aside from your individual.
Safety dashboard
LastPass additionally features a password well being function known as Safety Dashboard. It provides you a Safety rating that analyzes consumer safety, checks if in case you have any at-risk passwords, and lets you handle trusted units.
It additionally incorporates a darkish internet monitor that checks whether or not a specific electronic mail deal with you have got is compromised or is concerned in a knowledge breach at one other firm or service.
I personally like how LastPass bundles each its safety rating and darkish internet monitoring into one web page, giving customers easy accessibility to the 2 complementary instruments in a single place.
LastPass authentication and safety choices
LastPass comes with a powerful variety of multifactor authentication choices. Without spending a dime customers, there’s LastPass MFA, Google Authenticator, Microsoft Authenticator, Toopher, Duo Safety, and Grid.
In the meantime, Premium customers can arrange a YubiKey USB as their second issue, in addition to fingerprint or good card authentication. LastPass Enterprise customers additionally get entry to Salesforce authentication.
When it comes to safety choices, LastPass lets you set trusted units that allow you to skip MFA. Whereas I personally don’t advocate this due to the chance of publicity, it could be handy to show this on should you’re solely accessing your vault from one machine or location. LastPass additionally retains a document of the cell units with entry to your LastPass account and your location historical past.
LastPass interface and efficiency
I used LastPass’ internet vault for many of my testing, and I discovered the interface to be pretty intuitive. Every part from my vault to extra superior choices or settings like emergency entry and MFA had been positioned the place I anticipated them to be.
Design-wise, I feel LastPass’ interface appears a bit dated in comparison with the competitors. Dashlane and Keeper, for instance, have extra graphical designs in comparison with LastPass’ very plain interface. I additionally discovered navigating via the LastPass interface to be a bit clunky, with some settings taking a bit longer to load in comparison with the competitors.
For efficiency, nevertheless, I encountered zero points with LastPass’ password seize and replay capabilities. Its autofill function was additionally dependable, filling in username and password fields with none hiccups.
I additionally actually favored how the LastPass vault enables you to launch the actual app related to a given login.
With this, one can theoretically use LastPass as a form of command heart the place you may launch and signal into your most-used apps and companies simply.
Total, whereas I want LastPass had a extra up to date design, it supplied an easy-to-understand consumer expertise.
LastPass cell app
The expertise on the LastPass cell app is kind of the identical as its internet software.
I used LastPass’ Android counterpart on my Google Pixel 6 for this overview, and it inherits the identical intuitive consumer interface of its internet app.
By default, LastPass cell blacks out screenshots inside the app — an underrated safety function that forestalls unhealthy actors from stealing information out of your cell vault. Fingerprint login on the app additionally labored properly, and I actually favored the safety features included within the app, akin to an computerized lock when the app is idle and account restoration through biometrics.
It inherits the identical older-looking design of the online app, however this implies you aren’t lacking a lot should you solely plan to make use of the cell app over the online model.
LastPass execs
- A number of authentication choices.
- Intuitive consumer interface.
- Helpful one-time password function.
- Nation restriction performance.
LastPass cons
- Has been concerned in two main information breaches.
- Historical past of smaller safety incidents since 2011.
- Dated interface design.
- Clunky internet app expertise.
LastPass options
Given LastPass’ latest safety incidents, I’ve listed three different password managers that haven’t been concerned in breaches and can present extra safety in your information.
| Our ranking | Keeper | Bitwarden | 1Password |
|---|---|---|---|
| Beginning worth (client plan) | 4.4 out of 5 | 4.3 out of 5 | 4.3 out of 5 |
| Beginning worth | $2.92 per thirty days | $0.83 per thirty days | $2.99 per thirty days |
| (marketing strategy) | $2 per consumer per thirty days; max of 10 customers | $4 per thirty days per consumer; limitless customers | $2 per thirty days per consumer; max of 10 customers |
| Standout options | Shared group folders and subfolders; navy and medical reductions | Open supply; common and publicly out there third-party audits | Effectively-designed interface; distinctive journey mode performance |
Keeper
For bigger companies, Keeper is a good decide because it provides personalized bundles and curated pricing for enterprise prospects. It additionally has a Enterprise Starter subscription for groups of 10 folks and a Marketing strategy tailor-made in the direction of small-to-medium-sized companies.
Bitwarden
If safety is a prime precedence, Bitwarden is without doubt one of the finest. It’s open supply, which signifies that its supply code may be reviewed, analyzed, and audited by the general public. It additionally runs on a zero-knowledge structure and implements end-to-end encryption for its password storage.
1Password
For an all-around expertise, 1Password is a secure guess. It comes with an intuitive and modern-looking consumer interface that’s coupled with high-end encryption in your information. It additionally provides a singular Journey Mode function that may profit customers who usually go overseas for enterprise journeys.
Is LastPass price it?
No, LastPass’ latest information breaches stop us from contemplating it a worthy password supervisor. That is unlucky, as LastPass provides an honest password administration expertise with its in depth MFA choices and dependable password seize and replay.
Nevertheless, these options don’t imply a factor if LastPass can’t reliably preserve your delicate info safe and out of unhealthy actors’ arms. At this second, LastPass fails to hit this mark.
When it comes to options, choices akin to Bitwarden and 1Password can present the identical password administration expertise with none historical past of information breaches or hacking.
Evaluate methodology
My overview of LastPass concerned an in depth evaluation of its safety features, worth, and real-world efficiency. I had hands-on expertise with LastPass via a 30-day trial of its Premium plan.
To check LastPass, I used its internet vault software and browser extension on my Home windows laptop computer and its cell app on my Google Pixel 6.
I rated LastPass on every part from its password administration options to its pricing primarily based on an inside algorithm to get a ranking of three.4 out of 5 stars. The scoring was primarily based each on LastPass by itself and in relation to different password managers out there.