Quick Review
LastPass is a simple, easy-to-use, affordable password manager offering free and premium plans for personal use and businesses. It uses AES 256-bit encryption and a zero-knowledge policy to secure the vault’s data. Besides this, it is SOC 2 Type 2 compliant, which guarantees that users’ data is safe with them.
LastPass offers excellent features that cover all the basic password management features and a few extra features like country restriction and credit monitoring which no other password manager offers. However, LastPass has suffered from data breaches twice and has always been under the radar for having vulnerabilities. Thus, to know whether it’s a perfect choice, let’s first compare its strengths and weaknesses.
LastPass ranks among the best password manager, stuffed with a range of features worth using. It is relatively safe to use as it deploys the industry’s highest encryption standard and is also SOC 2 Type 2 compliant, which means you can trust them with your data.
The password manager includes many features that cover basic to advanced functions. Here’s a quick overview of LastPass’s features:
| Features | Description |
|---|---|
| Password Generator | It allows users to create and save passwords using the web vault, browser extensions, and apps. |
| Security Dashboard | It determines the health of the stored passwords by categorizing them as weak, reused, or compromised. |
| Dark Web Monitoring | It scans the dark web to know if your credentials are leaked online. |
| Emergency Access | It allows adding trusted contacts to access your vault. |
| Country Restriction | It allows you to choose the countries you want to access in the LastPass vault. |
| Multi-Factor Autheticaion | It enables users to add a second verification step to access the account and prevent unauthorized access. |
| Secure File Storage | It offers 1GB of encrypted file storage to secure notes. |
| Autofills | Users can autofill their logins and other information with this feature |
| Multiple Folder Sharing | It allows users to create, manage, and share folders with multiple users. |
| Dashboard Management | The families and business plan users can manage the dashboard. |
| Credit Monitoring | It monitors the credit card reports and alerts users if they are any changes, but this feature is only available to US users. |
| Passwordless Logins | It allows users to access their online accounts without entering passwords. |
| Equivalent Domains | This feature allows advanced users to use the same login for companies with the same login service. |
| Never URLs | You can add website URLs where you don’t want to use the LastPass service or functions. |
However, LastPass has severe security gaps, which makes people wonder if it’s worth using. It was hacked in 2022 and 2015, and the worst is that LastPass, in its blog, confirmed that threat actors also have access to users’ sensitive information. Besides this, the apps and browser extensions do have vulnerabilities. Let’s dive into this detailed LastPass password manager review to investigate the truth.
Managing LastPass Settings
While setting up a password manager seems confusing to many users, LastPass keeps things simple and easy. To get started with LastPass, you can use two methods, i.e., download the applications or browser extensions. Both are quick and easy for non-tech savvy and advanced users.
LastPass offers dedicated apps for Android and iOS platforms that users can easily download via their app store. The password manager also claims to offer apps for Linux, Windows, and Mac, but it was shocking to visit the official site and learn that there was no app download option. Like Dashlane, integrate LastPass with the web browser extension to enjoy a seamless experience on desktop devices.
To set up a LastPass user account, follow the steps below:
- Visit the LastPass site and select a plan you want to use. You can also click on the red Get LastPass for free button.
- Create the user account by entering a valid email address and a strong master password. (As it is the main password for accessing the vault, LastPass provides guidelines to create a strong and unique master password. Ensure the password is 12 characters long with at least one number, one lowercase, and an uppercase letter).
- After creating the master password, Sign up for a free account.
- A prompt to download the browser extension will appear.
- Install the browser extension and log into your account. The vault looks like this:
6. Click on the web vault to store passwords and other data.
Setting up a LastPass account via browser extension was surprisingly convenient. However, it’s still essential to download the apps to manage the data and account settings fully.
LastPass’s Security
LastPass is relatively safe; it has security gaps that make people question its security standards. It uses standard AES 256-bit encryption, PBKDF2 SHA-256 key, and salted hashes to protect data in the vault. With such strong security measures, it is nearly impossible for anyone to break in and access the data.
Besides this, LastPass also uses a zero-knowledge policy that ensures that it locally encrypts and decrypts the data on the device. At the same time, the user’s master password is not stored on the company’s servers. Hence LastPass doesn’t have any access to the master password or vault. All the LastPass plans offer the two-factor authentication feature that boosts account security.
LastPass also claims to maintain users’ privacy and informs users about its commitment to privacy. In addition, LastPass is SOC 2 Type 2 compliant, meaning users can trust it to handle customers’ data securely and generate security audit reports available for the new admin console.
However, on the darker side, LastPass’s security often falls under the gray area. It bears a past track record that’s full of security breaching incidents.
In 2015, LastPass suffered a data breach in which attackers accessed and stole the cloud data but failed to access any sensitive information. In 2016 and 2019, vulnerabilities were found in the apps or browser extensions. In March 2020, the University of York published a white paper identifying multiple vulnerabilities within the password manager.
It continued the following year when a researcher noticed different trackers in the Android app. In August 2022, LastPass recently admitted that its developer systems got hacked. But, hackers were not able to compromise any data. However, according to a recent development, in the August 2022 data breach, the malicious actors obtained users’ encrypted password vaults and personal information.
Trusting LastPass’s security is not easy. It must immediately undergo a security audit to prove its security standards and regain users’ lost trust.
Interface and ease of Use
LastPass interface is simple and easy to use. It doesn’t cause any user trouble during the entire navigation process. After logging into the web vault, the main dashboard appears on the screen:
The design and UI are pretty outdated, which doesn’t impress the users. The left side of the menubar includes all the data entry categories, security features, account setting options, and advanced options.
Start importing passwords by tapping on the import password at once option or by navigating into the account settings option and then clicking on the import category.
LastPass allows users to import passwords from all popular browsers and password managers and guides the steps to completing the task. Interestingly, you can also import passwords as .CSV files.
With LastPass, you can store logins, payment info, secure notes, and other personal information in the vault by tapping on the add-one-by-one option on the main dashboard. The process is intuitive and allows users to add new customization data entry types. This makes it one of the most preferred choices of users looking for a service that excels more than logging passwords and login details.
To check the health of your passwords, click on the Security dashboard.
Within the Security Dashboard, the dark web monitoring tool asks you to add items to the vault so a scan can run on the dark web.
LastPass’s most impressive web vault features were the Sharing Center and the Emergency Access. While the Sharing Center allows one to create multiple folders, manage them, and share them with friends and family, the Emergency Access lets to add contacts of trusted ones that can access the vault immediately or for a few hours, days, or even a month during an emergency.
But both features are available only in the premium plan. If you’re using LastPass in the free trial period, you can’t access these features, which might upset users.
LastPass account setting options are quite appreciable. It includes General settings, a 2FA option, and advanced options that are rare in other password managers. Go to the advanced options tab to take advantage of more advanced features like credit monitoring.
If you want to create passwords, enable the autofill login, or add websites to the vault, consider using the right menu bar.
Like the web interface, the mobile app interface is simple and offers great ease of use. But users again are not happy with it, and on Reddit have criticized this thing a lot. It’d be best if LastPass relaunched its app to ensure a highly customizable and user-friendly experience.
Compatible devices and Browser Extensions
LastPass is compatible with all popular devices, browsers, and operating systems. It offers well-designed and intuitive apps for Android and iOS. The apps are easy to use and download and offer similar functionality. After installing the apps from the app store and creating the user account, you can enjoy a hassle-free experience. The apps are super-friendly, so feel free to explore them. It is just a matter of a click, and you’ll find all the features.
The password manager also ensures an incredible user experience on Windows, Linux, and Mac. Since a few password managers offer support for Linux so, it’s a great password manager for Linux users. To use LastPass’s desktop version, no need to install apps; instead, download the browser extensions.
LastPass also offers browser extensions for all mainstream browsers like:
- Google Chrome
- Mozilla Firefox
- Microsoft Edge
- Safari
- Opera
It was utterly shocking to know that in 2020, LastPass removed its extension from Google web store. It means that desktop users who use Chrome browser won’t be able to use LastPass. But the issue got resolved soon, and now the extension is accessible to everyone.
LastPass’s browser extensions seem nothing less than its apps. But after testing, it was evident why the downloading app is crucial. It offers limited functionality, allowing users to generate and save passwords and add data items. There is no autofill or password import option, which was a complete bummer. Also, it only includes one premium feature, the Security Dashboard. However, it redirects you to the web vault upon clicking on it.
The limited functionality and features don’t make the LastPass browser extension worth using.
Features overview
LastPass, like most other password managers, offers basic password management features. But some other notable features make LastPass shines out from its competitor: These extra features include:
- Credit monitoring tool
- Country restriction
- Passwordless logins
- Never URLs
- Equivalent URLs
- One-Time Passwords
These features improve security and add more value to your overall user experience.
Other than this, below is the breakdown of the core LastPass features:
Password Generator
The Password generator is every password manager’s basic and core feature. This feature allows users to generate strong and unique passwords for their online accounts. The best thing about the LastPass password generator is that it’s built-in into the web vault and the browser extensions. Users don’t need to visit LastPass’s website to generate passwords.
Security Dashboard
The security dashboard is the most outstanding LastPass feature. Though it’s included in all other password managers, the unique thing about LastPass Security Dashboard is that it also has a dark web monitoring tool. Users can evaluate their stored passwords’ health and change any weak, reused, or compromised passwords.
But, at the same time, they can also run a dark web scan by adding their email address and other details to know if their passwords or other personal information is leaked. Business plan users can benefit more from this feature and prevent credential-stuffing attacks.
Emergency Access
Emergency Access is another LastPass feature that allows users to add a trusted contact to access their vaults during an emergency. It asks users to add up the email address of the trusted contact and then choose the access period. Users can choose from immediate access to 30-day access. However, this feature is only available for premium users.
Apart from this, LastPass also offers excellent features for business users. All these features play a vital role in protecting passwords and employees’ data and preventing potential online threats.
LastPass Customer Support
If, while using LastPass, users encounter any issues, the customer support team is always there to help them out. The best way to address these issues is the website resources.
LastPass includes comprehensive and knowledgeable resources with blogs, articles, video tutorials, FAQs, and user guides.
It also has an active user community and social media pages on all social networking sites, including Twitter, Instagram, and Facebook. Though it is the fastest way to ask for help, this isn’t the case with LastPass. The Twitter page seems inactive for a long time and isn’t the best choice.
However, joining the user community is a great way to interact with experts and other users who assist you with extensive knowledge and prior experience.
To contact the sales department or request a demo, visit the Contact Us page.
Besides this, LastPass also offers telephonic support and a live chat option. But it was, again wasn’t great to know that the live chat support agents are available from 9 am to 5 pm (EST). If someone needs immediate help, they can’t get it. However, when the live chat feature was tested, it raised skepticism. The virtual assistants were there to offer help, but in reality, they even failed to understand the query, which was another setback.
Overall, LastPass customer support is decent. As getting in touch with the support team representatives is quite challenging, they need to work on it.
LastPass Pricing Plan
LastPass has free and paid versions. The paid version has subscription plans for personal and business use. All the plans are annually billed, which means it doesn’t offer a monthly plan like its competitors and is backed up by a 30-days free-trial period.
The free version of the LastPass password manager is limited to only one user and device. The name implies that the LastPass free version will have a great limitation, leading to a frustrating user experience. But this is not the truth. Users can create and store unlimited passwords and secure notes in the vault and can access the following features:
- MFA
- One-to-one sharing
- Passwordless logins
- Automatic device sync
- LastPass authenticator
The premium plan starts at $3.00 per month and allows one user to access the LastPass account on unlimited devices. It includes all the free plan features with some extra features like:
- One too many sharing
- Unlimited shared folders
- 1GB encrypted file storage
- Access to premium security tools (Security dashboard, dark web monitoring, Emergency Access, MFA, and Advanced MFA)
LastPass family plan is best suited for up to six users and costs $4 per month. It covers all the premium features with unlimited shared folders and a family dashboard manager.
LastPass free version is the perfect plan for an individual looking for basic password protection. In contrast, the premium plan offers great value for money and is the most suitable subscription plan.
Business Plan
LastPass is also the top-most choice of business organizations. The password managers offer two premium subscription plans for teams and medium to large-size businesses.
The Teams plan costs $4 per user/ month and allows access to up to 50 users. This makes it the best password manager for small-size businesses. The plan offers numerous business-specific features like:
- Admin consoles
- Add-ons
- Customization security policies (up to ten)
- All password management features
- MFA and advanced MFA
The business plan includes all the features offered in the Teams plan with a range of other extra features like:
- SSO
- VPN with advanced MFA-add on
- Integrations
- Advanced Reporting
- Advanced adoption
- Customization user management
- Families as a benefit
This plan costs $6 per user/ month and allows unlimited use of it. If you have a limited-member team, choosing the Teams plan is a better option.
Final verdict
LastPass ranks among the top-tier password manager list. It utilizes strong AES 256-bit encryption and zero-knowledge protocol to protect the logins and other data in the vault. Besides this, it offers several advanced features that improve online security and protection from potential threats, besides providing basic password management functions.
It is easy to use and offers a decent interface with a pretty old design that needs an immediate update. There are free and premium versions for all users, including businesses and families.
However, there are some areas where LastPass needs to work. Customer support must have a 24/7 live chat team to provide instant help to the users. There’s an immense need for the company to undergo security audits to prove that they value users’ data. Moreover, it would be best if LastPass had standalone apps for desktop devices for a more smooth and more seamless experience.
FAQs
Share this article
About the Author
Rebecca James is an IT consultant with forward thinking approach toward developing IT infrastructures of SMEs. She writes to engage with individuals and raise awareness of digital security, privacy, and better IT infrastructure.
More from Rebecca JamesRelated Posts
What Is A Dashlane Password Manager? Full Review 2024
Quick Review 4.1 (22) Dashlane password manager is a popular password manager in the marke...
Kaspersky Password Manager Review In 2024
Kaspersky is an established brand offering an advanced security solutions and services portfolio. Mi...
How Safe is Norton Password Manager? Full Review In 2024
Quick review 4.5 (112) Norton password manager is a free-to-use password manager that offe...
Does Keeper Password Manager Keep Passwords safe and secure?
Quick Review 4.6 (232) Keeper is a secure password manager that protects users’ pass...
How safe is 1Password manager? Detailed and Complete Review
Quick Review 4.8 (145) 1Password is one of the most secure password managers available for...
Is Samsung Password manager worth trusting for password security? Review In 202
Quick Review 4.8 (33) Samsung Pass is a free password manager that allows users to save th...
