LastPass is one of the best password managers out there because it's free and easy to set up. It allows you to store all of your login information in one secure place with a single master password. In this LastPass review, I'll take a closer look at the security and privacy of this password manager.
Everyone has forgotten a password at one point. Who could blame us for that? We have too many accounts to keep up with. But please don’t stress over that when you can make your life easier with LastPass instead.
LastPass is the best password manager in its class. It has a web version and a mobile version as well. Plus, it comes in six languages, so don't worry about that barrier. Through LastPass, you will be able to link all your accounts together and set up one master password to get access to them all.
TL:DR LastPass will allow your entrance into all of your accounts on the internet with a single master password.
Pros and Cons
- Convenient and Time-saving
You don’t have to remember multiple passwords. You can access all your accounts with the master LastPass password.
- Uses Bank-level E2EE Encryption
LastPass uses AES 256-bit blocks for its end-to-end encryption, which is unbreakable by current computational powers.
- Available in 7 Different Languages
It supports English, German, Dutch, Spanish, French, Italian, and Portuguese. So, even though the app is based in the US, you will be able to work with it no matter what language you speak.
- Helps You Manage All Your Accounts from One Place
All your accounts will be listed down together so that you’re just one click away from logging into them.
- Intuitive User Interface Gives a Seamless Experience
The app has simple instructions and plenty of easy-to-read icons that point you in the right direction. It will also give you a tour to teach you ways around it.
- Generates Strong Passwords for a More Secure Presence on the Internet
Free and paid users can both use the password generator to create passwords at random. You can use this feature any time when signing up for new accounts.
- Not Too Good with Providing Live Customer Support
LastPass does not provide customer care through Live Chat. You have to call them on their hotline number, and the wait might be long if no representatives are on standby. Another option is to chat with a hired expert who will charge you a small fee.
- LastPass Login Problems
On an infrequent basis, the app will tell you that you are entering the password wrong even if you aren’t. In that case, you have to take the trouble to switch to the web version of the app so that you can access your account.
The web extension may also malfunction. In that case, you have to uninstall and reinstall it to get it to function back.
There are a lot of excellent features on LastPass free. All the features are designed to keep your passwords and login credentials safe.
However, we must mention that the paid Premium and Family plans have far more features. Some of those features help you to automatically fill up forms, export passwords as necessary and keep unlimited shared folders.
Let’s take a closer look at what LastPass offers in this LastPass review.
LastPass has pretty huge accessibility. It can be installed across different web browsers, different operating systems, and on different devices. It supports every browser – Google, Firefox, Internet Explorer, New Edge, Edge, Opera, and Safari.
There are two versions for two basic device types. There is the web version – install this one on your laptops and desktops. Then there is the mobile version, which can be installed on your Android/iOS smartphones, tablets, and smartwatches.
With the huge reach of this password manager, it can streamline all your accounts and give you an overall smooth experience online.
Ease of Use
The password manager is very intuitive. It has a simple user interface that is easy to interact with. The instructions are straightforward, so the app will guide you through the processes effectively. Making an account is only a matter of a few seconds, and anyone can do it!
Signing up to LastPass
This is the first thing you have to do to get started with your new LastPass account. To sign up, you have to punch in your email address and a master password.
The first page will ask for your email address.
Making the Master Password
Press next to go to the second page, where you will be asked to create a master password.
Instructions for a strong password will be provided in a dropdown menu once you click on the tab for typing out the keys. You will also be given an example in the web version of the app. After following all instructions, your password should be something like [email protected]
Making a very strong password is important because this is the one password that will connect all your accounts on the internet. So, make sure to follow these instructions to a T.
You will be allowed to put a password hint so that the app can shake your memory a little bit in case you forget your password. This part is optional. But if you are indeed using it, be careful not to use anything too telling. Don't use a hint that will make your master password too easy for others to guess. Keep it discreet.
Further Ease of Access (optional)
At this point, LastPass mobile apps will give you the option of using your facial profile to unlock the app. This will make it convenient to sign in to the app. This is one of the best features of this password manager. It allows you to access your accounts without even typing the password.
Note: We would warn you to practice caution here. The typing-free access to your accounts might have you forget your master password with time. If this happens, and you somehow lose your phone, then you will be locked out of your accounts. So, make sure that you always remember the master key.
There are a few ways in which LastPass users can manage their passwords. But password management on LastPass goes beyond just the simple act of storing passwords.
LastPass takes care of the security on your accounts, so there are security features in place to help you make your system hack-proof. Let’s explore the diverse world of password management to check out the range to which LastPass can get you help.
Adding/Importing Passwords into the LastPass Web Vault
You can add or import passwords from any account into LastPass. Starting from your accounts on social media platforms like Facebook, YouTube, Google to the accounts you have on other password managers like DashLane, Roboform, NordPass, and so on.
After adding your account to LastPass, you will be able to get access to those accounts when you enter Vault.
The most secure passwords are those that are completely random. Put random passwords on your accounts before adding them into the password Vault. This is a great way of securing your accounts before locking them in with the LastPass master key.
Instead of going through the effort of coming up with random passwords for your accounts, you can use the LastPass website to generate a random string of words for you.
Follow these steps to generate a random password for your accounts:
Step 1: There’s a LastPass icon on the toolbar of your web browser extension. Click on that.
Step 2: Type in your email address and the master password to log into your LastPass account. If the black icon has turned red , it means that you have done the activation right.
Step 3: Now, go to the website for which you want to generate the random password. You can do this when opening a new account and also when you want to change the password of an existing account.
Step 4: The actual generation happens at this stage. You can get access to the password generation options from the following access points.
- From the In-field Icon: Locate this icon and click on it.
- Via the Web Browser Extension: Click on the red icon from the toolbar and select Generate Secure Password from the drop-down list.
- Through the Vault: Click on the red icon , then select Open My Vault. From there, find Advanced Options, and click on Generate Secure Password.
After you have generated one password, you can keep clicking the icon to generate more passwords until you find one that you actually like. Then, click on to copy your finalized password to the web vault and keep it elsewhere on your computer.
Step 5: After you have confirmed the password, click on Fill Password to take it to the form. Click Save.
After the password has been changed on the site, log out of the website and then log back in with the generated password to secure it into LastPass. That’s all.
You can store not only the passwords of your accounts from different websites but also information of addresses, bank accounts, and payment cards to your LastPass account. Then, you can use it to directly fill up forms for you when you’re on other websites.
You can always fill in forms manually, but that wouldn’t be wise since LastPass can do it faster at greater convenience. LastPass can store your passport information, licenses, insurance numbers, and even your Social Security Number.
To do this, click on the LastPass browser extension, go to All Items > Add > More Items to expand the drop-down list, and put all necessary information into their fields. Click save on everything.
Now that LastPass knows your information, you can use it to fill up any form that you are required to on any website. Just keep the form open, click on a field, then tap the icon from the browser’s toolbar. Any relevant information that is saved on LastPass will automatically fill itself into the form.
However, I will point out that the form filling option hasn't been completely refined yet on the LastPass website. In some cases, this option doesn't work right. Sometimes it doesn't read the tag on the field right and ends up putting in mismatching information in the wrong place.
Auto Filling Passwords
Similar to the task of filling forms with saved data, you can use the LastPass browser extension to fill in your login information on apps and websites. But for this to happen, you need to enable the Auto Fill option. Here are some of the steps that you can use to do this –
Step 1: Log in to LastPass.
Step 2: On Android’s user interface, click on the icon on the upper-left corner of the screen. On iOS, look at the bottom right to find settings.
Step 3: Enter Settings. Choose Autofill.
Step 4: There is a toggle switch on Autofill Login Credentials, turn that on.
Step 5: Click on Next, and the Accessibility Menu of your phone will pop up.
Step 6: Find LastPass here, and toggle it on so that your phone gives permission to the app.
- Now you have successfully synced your phone with the LastPass app.
- The Autofill feature is available on free versions of the app. It will allow you to swiftly enter your login credentials to apps and websites that are supported by LastPass. There are two ways in which your phone will use this feature:
- Pop-up: This is the cleaner way in which Autofill is utilized. Open a website or an app, and attempt to log into it. Click on any one of the empty tabs in the login form.
LastPass will automatically pop up on the screen. Tap on the list of your accounts to select the credentials that you want to use for the login. All the tabs will fill up with pre-saved data automatically.
- Autofill via LastPass Notification: This option is only possible for Android, not on the browser extension. Go to the LastPass app settings, then choose Show Autofill Notification so that it shows up on the notification panel. You can use this in cases for which the pop-up doesn’t appear.
- While you’re on the login page of the website waiting to fill up the form, swipe down on your phone to open the notification panel and tap on Autofill with LastPass to have your credentials fill up the form automatically.
LastPass Security Challenge
The best password manager doesn’t only store all the passwords and your information, but it also gives you feedback on the strength of the passwords that you have in effect.
There is a tool within this app called the LastPass Security Challenge. This tool analyzes your saved passwords in the Vault, and then it gives you a score on them so that you know if they’ll be able to hold up during a cybercrime attempt.
Go into the Security/Security Dashboard on your app, then check out your score. It will look something like this.
Now, this is an example of a pretty good case. It already has a high safety score.
If your score isn’t as high, then you should improve the level of security on your account. Do you see the At-risk Passwords?
That bar would show up red in case of a low-safety score. You can click on that and check out the passwords that are weak. Change the weak LastPass password by replacing it with one of those LastPass-generated passwords. Your level of security will move straight up by a few notches.
When LastPass audits your accounts, it tells you how secure they are. As you can see on the screenshot, it tells you which passwords are at risk, and it tells you whether your Multifactor Authentication is on.
You will get a list of all trusted and permitted devices, and if you want to change the permission to any of them, then you can do so by clicking manage.
This feature is only available for paid LastPass users. You can use this function to share the accessibility of your passwords with one or two trusted contacts who will be able to get into your account in case something unfortunate happens to you.
Other password managers have this feature as well, and they all work quite similarly.
In order to work this feature, the other LastPass users will need to have a public key and a private key. All you have to do is put in your recipient's email address, their public key, and a waiting period after which decryption will be possible.
LastPass uses special public-private cryptography via RSA-2048 to encode its access keys. To do this, LastPass will take the recipient’s public key and integrate the key of your password vault with it to make a unique key through RSA encryption.
This encrypted key can only be opened by the recipient’s private key, which will be recognized and accepted due to the common markers that it shares with the recipient’s public key.
When the waiting period is over, your recipient will be able to decrypt your data using his/her unique private key.
Security and Privacy
The core of LastPass is built on the foundation of strict privacy and security. There are bank-level encryption systems in place to assure that no one will have free access to your information, not even LastPass itself.
End-To-End Encryption (E2EE)/Zero-Knowledge
E2EE means that only the sender on one end and the recipient on the other end will be able to read the information that is being relayed. The pathway through which the information travels will not have access to the decrypted information.
This doesn’t mean that third-party apps won't be able to have access to your information. E2EE only encrypts your information in transit. Therefore, your service providers will have the decrypted version of your message. If they choose, they can definitely sell your information out to third-party apps.
By all means, they will have access to it, but the E2EE means that they will see nothing but a bunch of codes that they can’t crack. Thus, your information will be completely unreadable and unusable to them. They will have zero knowledge whatsoever.
Oh, and another thing of note is that the E2EE doesn’t exempt the website owners from the encryption either. So, even the apps that you are using as the communication platform won’t be able to read your text now.
LastPass is one of the best free password managers because it uses the AES-256 cipher to encrypt information that is fed to it. All your passwords become encrypted once they are entered into LastPass. They remain encrypted as they reach their designated servers.
It is virtually impossible to break the encryption of an AES-256 system because there are 2^256 possible combinations for the right key. Imagine guessing one correct value from that!
Hackers won’t be able to read your password even if they breach through the firewalls of a server. Thus, your account and all its information will still remain secure after a breach.
LastPass Authenticator App
Free LastPass users will unfortunately not be getting this feature. In paid versions, the LastPass Authenticator works on its own on systems that are supported on both Android and iOS. It complies with the TOTP algorithm, which means that it is compatible with all the apps and websites supported by Google Authenticator.
This feature can employ a range of different authentication tools for you. Its methods include time-based 6-digit passcodes, one-tap push notifications, voice authentication via the Call Me option. It will enable you to get 2FA for multiple services at once.
The multifactor authentication options (MFA), also known as the 2-factor authentication (2FA), will double the security of your account on LastPass. You can explore factor authentication options by going into Account Settings and clicking on Multifactor Options on the tab.
You will find a list of websites below. Click on the ones that you want to secure with the authenticator app.
These are your smartphones, tablets, and smartwatches, which you have already authenticated through LastPass. You can revoke your permission to these devices by going into Account Settings > Mobile Devices > Action. Delete the device that you don’t want to give access to.
These devices will still be on the list if you deny them permission. When you decide to give access to them again, all you have to do is get into Account Settings > Advanced Options > View Deleted Items and then click restore on your particular item of choice.
GDPR is the acronym for General Data Protection Regulation. This is the toughest data protection law in the world, and it applies to organizations all across the globe.
LastPass has been certified to be compliant with all the principles of GDPR, which means that they are legally bound to these international obligations. This means that LastPass will be directly responsible for any mishandling of the encrypted files and data in their storage.
LastPass releases all your data if you decide to delete your profile, as not doing so would mean that they are breaching their GDPR data protection rules, which would run them into serious legal complications, and their license could also be revoked in such a case.
Sharing and Collaboration
Password sharing is a practice that should only be done in a limited capacity. But if you must share your LastPass password with family members or trusted friends, then you can do so within the LastPass infrastructure.
Unfortunately, password sharing and collaboration are not supported in the free version of the app. Only Premium subscriptions allow you to share folders and files.
If you have a single account, you can share an item with multiple users. And if you are on a family account, you can share unlimited folders with each member of the plan.
Use the Sharing Center to add folders and manage them between the members of your family/team/business account. All you have to do is go to the LastPass Vault, click on the Sharing Center, then tap the icon to directly add a new folder to the sharing center.
- If you want to work with users or files that already are in LastPass, then you have to select that file and tap Edit to open up some options. Here’s what you can do here:
- You can share a folder with someone who is already using the account with you, and you can also type in the email address of a non-member account that you want to share the file with. Adjust the settings to choose whether you want to limit the file to a Read-Only version or Show Passwords. Then press Share.
- You can also deny your permission to let a person access your file. Select a specific shared folder, then right-click on it to bring down the menu, click on Change User Permissions. From here, select Edit, then select Show Passwords or Read-Only. Then save the settings once you are done.
- You can also Unshare a file at this stage. Simply click on the user's name to whom you want to deny permission, then click Unshare to complete the action.
Free VS Premium Plan
|Features||Free Plan||Premium Plan|
|Random Password Generator||Yes||Yes|
|Sharing||Allows only one to one sharing||Allows one-to-many sharing|
|Number of Supported Device Types||1||Unlimited|
|Automatic Sync Between Devices||No||Yes|
|Dark Web Monitoring||No||Yes|
|Monitor Other Accounts for Data Breaches||No||Yes|
|File Storage Available||No||Yes, 1 GB|
Extra features are available both for mobile apps and browser extensions but only for premium users.
Credit Card Monitoring
You can get credit card alerts on your smartphone and computer through pop-up messages and emails. It will keep reporting you on transactions so that you can take immediate actions in case of identity theft attacks. This is a feature that is only available on the premium version to paid users who are residing in the United States.
Dark Web Monitoring
Dark Web Monitoring is only available for family and premium accounts but not for free users. You can turn on dark web protection on LastPass to keep track of accounts and emails that are associated with .onion.
Since the dark web has a different set of underground servers, you might be exposed to potential breaches if you surf these overlapping networks.
If any of your email addresses or accounts end up on the dark web by any means, then you will be notified about it. Then, you need to instantly change passwords and secure your accounts to prevent dark web criminals from getting access to your information.
However, LastPass will notify you if it happens. Then, you can click on the accounts that have become unsafe in order to change their security and withdraw them from the breach until more walls have been breached.
For increased security and privacy, LastPass has joined forces with ExpressVPN to offer a VPN service through the app. This feature is not available on LastPass free. It’s a 30-day free trial that is only accessible by users of LastPass Premium and Families.
To get the free ExpressVPN trial, you have to log into the vault, go to the Security Dashboard, and click on ExpressVPN. Click on it, follow instructions, and you’re done. After this, the trial period won’t be activated instantly. You will receive a message of confirmation and then your LastPass connection via ExpressVPN will go live.
Plans and Pricing
There are two main categories among which LastPass accounts are divided. If you’re operating on a personal level, then there is the single users and family account type.
If you’re operating on a business level, then you have to use accounts under the business category. We’re going to talk about these plans, their features, and their pricing in more detail right now.
Single Users and Family LastPass
LastPass free version has a 30-day trial deal to help you get a taste of how life would be with this app. There are three types of deals – free, Premium and Family.
The free one will let you sign into one device only, and you can use it for 30 days. You can do the basic things like make a master password, add multiple accounts and secure them all together with that master password.
You can use the Sharing Center with one other LastPass user and secure notes, all your files, payment cards, and so on. You will get full access to the password vault of LastPass, and you will be in control. However, you cannot unlock all the features of the app through this free version.
A subscription to LastPass Premium will cost you $3 per month, but I recommend you take the 30-day trial period first. You will be able to add this account to every one of your devices.
All the features of Free LastPass will be included in the premium set, and there will be some very important additional features as well. These additional features will not only keep your passwords and content safe but will actively help in making your online experience smoother by a large degree.
Along with managing secure notes and folders, these additional features include an expanded version of the file sharing center that will allow you to share your files and folders with many users at the same time. You will also get a storage capacity of 1 GB, dark web monitoring, factor authentication options, and emergency access.
Subscription to Family LastPass will cost you $4 per month, but you can try it out free for 30 days before purchasing it. In this version, you will have 6 premium licenses that you can share with the other members of your account.
You will have to invite them over to join the account with you. Each member will get a different vault, and they will be able to create a unique master password for themselves.
All the special features of Premium LastPass will be available on the Family LastPass.
Enterprise LastPass accounts have the same features as Premium LastPass, but you can share one account with many more people than you could with LastPass Family.
You can try out accounts of LastPass Enterprise for a period of 14 days only. If you want to continue with their service, then you will have to buy a subscription. There are two types of accounts here.
You can add a maximum total of 50 members to one team account. A subscription to Teams LastPass will require every member of the team to pay $4 per month, and they will each get a separate account of their own.
Each user of Business LastPass will have to pay $6 per month. This is useful for companies that would suffer losses if their plans become public.
Business LastPass gives each employee a different account and makes sure that the employees are not using weak passwords. If they are, strict passwords are assigned to them using the automatic password changer on LastPass.
Besides password security, it also helps the business to store its information from every employee in one place so that there is no possibility of a breach in the system.
|Type of LastPass Accounts||Trial Period||Subscription Fee/Month||Number of Devices|
|Teams||14 days||$4/per user||Less than 50|
|Business||14 days||$6/per user||More than 50|
In How Many Ways Can I Access LastPass?
Both free users and paid users can get access to LastPass by using their website, their browser plugin, and via the various mobile apps that they have.
Can LastPass See All My Passwords?
No, only you can see your passwords. The master password is required to decrypt the passwords that you have saved in the vault. LastPass doesn’t read your master password, so they do not have the key to decrypt your data.
Can You Use Account Recovery to Extract Deleted Passwords?
Yes, you can find all your deleted passwords by looking into Advanced Options > Deleted Items.
Why Should I Trust LastPass?
LastPass supports bank-level encryption security of 256-bit AES that is impossible to crack due to the huge number of its combinations. There are other security barriers like MFA that provide extra layers of security to the LastPass vault.
Did LastPass Ever Have a Security Breach?
Once in 2015, but the attack couldn’t go into the vault. Except for that one incident, no other breach has ever happened.
Do I Need to Use a VPN with LastPass?
If you’re on a public network, you should use a VPN. You can use ExpressVPN, which is a LastPass partner solution.
LastPass is the best freemium password manager that is active right now. It has a ton of extra features in its paid versions, but if you want to tighten up your security, then the free service version will also work perfectly well.
The security that LastPass uses is topnotch – there has never been a breach in the system that caused notable damage to the users. Bank-grade E2EE encryption keeps all your data and your passwords safe.
With LastPass Premium, you will have unlimited password storage. Also, you can fill up forms and surf through the web knowing that the secret LastPass police are on your guard in case you have any problems such as identity theft or silent attacks from the dark web.
Stay safe online and protect your interests offline with LastPass security.
LastPass may be good but sometimes it causes login failure that you need to switch to its web version. Malfunction can also happen in this version that you end up looking for customer support. The live chat support gives a poor impression and your concerns are not quickly addressed. You sometimes find yourself lost in the middle of business transactions.
LastPass: The last on my list!
I'm running my business for years and have just started to shift to LastPass just recently. However, I find this very annoying and extremely not suitable for business.
Pros: This allows you to set up teams and individual roles. Your very own company logo can also be uploaded.
Cons: This software is not business-friendly. The “Shared Folders” version is still owned by individual users. If they leave such a large company, these numerous files could be “orphaned” records and are hard to manage within the company.
My LastPass Experience
I consider LastPass as a quality password storage manager.
Pros: 1. Easy to manage browser plugins
2. Lets you easily input long secure passwords with hand jamming or retyping
1. Depending on your organization where pop-ups are not allowed Single Sing
On applications may be difficult.
Alternatives Considered: Dashlane
I'm a Chromebook user and I hate LastPass because it's not supported. The company I have used to work for used LastPass and can't get through it. It really feels bad.
LastPass for Privacy and Security
I have been using LastPass for almost a decade. When it comes to the top security for both personal and business purposes, a great heads up to LastPass. This option offers a free trial with highly affordable plans. I would highly recommend it to start-ups or even those who are still looking for alternatives for years. LastPass truly cares for your privacy and security.
- How do I set up and manage LastPass Credit Monitoring? SUPPORT https://support.logmeininc.com/lastpass/help/set-up-and-manage-lastpass-credit-monitoring-lp030026
- Choose a plan that works for you. LastPass https://www.lastpass.com/pricing
- LastPass Premium vs. Free. LastPass Premium vs Free | Worth The Upgrade https://www.lastpass.com/pricing/lastpass-premium-vs-free
- What is Two-Factor Authentication? https://www.lastpass.com/two-factor-authentication https://blog.lastpass.com/2016/03/lastpass-authenticator-makes-two-factor-easy/
- How is Emergency Access secure? https://support.logmeininc.com/lastpass/help/how-is-emergency-access-secure
- What is the security score in my Security Dashboard? https://support.logmeininc.com/lastpass/help/what-is-the-security-score-in-my-security-dashboard
- Improving Your Security with the LastPass Security Challenge https://blog.lastpass.com/2019/09/improving-your-security-with-the-lastpass-security-challenge/
- Is LastPass GDPR compliant? https://support.logmeininc.com/lastpass/help/is-lastpass-gdpr-compliant-lp010030
- What is 256-bit AES encryption at rest and in-transit? https://support-apricot.sharegate.com/hc/en-us/articles/360020768031-What-is-256-bit-AES-encryption-at-rest-and-in-transit-
- LastPass Live Chat https://gethuman.com/chat/LastPass
- What languages does LastPass support? https://support.logmeininc.com/lastpass/help/what-languages-does-lastpass-support