LastPass Review: Still Recommended?

LastPass’s name reveals what the password manager wants to achieve: To be the last password tool you’ll ever need. During our last review, the service stood out thanks to its feature-laden free version, however, there have been some changes.

Now, LastPass needs to be measured against the other premium services on the market. Below, we'll let you know how it did.

LastPass* is a freemium password manager that stores and protects passwords in a secure vault with a single, high-strength, encrypted master password. Browser extensions are available for Chrome, Firefox, Edge, Opera, Safari, and Internet Explorer, as well as a mobile application for Android and iOS devices.

We tested LastPass on Windows and Android.

It's easy to register for and set up LastPass. First, create an account and a master password. This will be the last password you'll ever need to remember and provide you with access to your vault. Make sure that it meets the provider's minimum requirements (at least 12 characters, 1 number, 1 upper case, and 1 lower case letter).

While most password managers are built around their desktop versions, LastPass is browser-based, which has advantages and disadvantages. On the plus side, your password vault and data sets are only a click away and no extra software is needed to access them. Similarly, LastPass can be used on any operating system. All the same, you will need to open your browser to access the program, and cannot use it offline.

In case you have prior experience with password managers, you can import existing data sets. Simply click on Advanced Options > Import, and load your CSV file from your previous password manager or browser.

Installation is easy and straightforward with LastPass. Some users might be confused about the lack of a desktop app, especially since there is an installation file, but that's just one of the service's quirks.

With LastPass, your password hub is made up of two components, a browser extension and a vault. You'll likely use the browser extension more since it handles autofill and provides quick access to your data sets. Your vault, which is accessible through a shortcut in the extension, is where you'll manage entries and adjust advanced settings. Below, we'll briefly explain each in greater detail.

LastPass's browser extension is a miniature version of your web vault and is somewhat heavier on features than the extensions of other password managers. It doesn't just provide quick access to website data sets, but everything that you've stored. Thanks to the practical search feature, navigation is simple.

The password generator, which you can use to automatically create secure passwords, is also found here. Should you want to access the "Security Dashboard", you'll be forwarded to the Web Vault.

Click on Open My Vault to access the second component, your vault. There, you’ll be able to modify advanced settings and access additional features, like "Security Dashboard", which checks the strength of your passwords.

LastPass's "Web Vault" is neatly arranged, intuitive, and easy to navigate. Use the menu on the left to jump between different types of data sets and features. Entries are displayed either in lists or tiles and can be grouped into custom categories.

We weren't impressed with LastPass's data set options: Users can't create sub-folders, and every category is a data set type. This means that the categories you configure for passwords are also the same as for notes, which is somewhat unnecessary. Additional organization options, like tags, aren't included. Beyond that, LastPass could have done more to display logos for individual entries, since this would make the tile view more accessible.

On the plus side, LastPass does offer significant flexibility when it comes to entries: You can set autofill for each entry, require that the master password be input before doing so, or add custom information fields for forms. Click on "Account Settings" to fine-tune the software to your liking, set URL rules and exceptions, or enable multi-factor authentication.

Overall, LastPass is easy to use and well-organized, even if the way that data sets are grouped could have been better thought out. Some users might miss the presence of a desktop version. Since there's a web app, you'll also have to occasionally contend with longer (or shorter) loading times.

LastPass provides all of the basics along with a number of extra features, some of which other password managers don't have.

The browser extension's password generator creates passwords that match your length, character, and complexity preferences. Whenever you log in to a new website, simply copy the correct password into the form, save the entry, and you'll never need to manually enter that password again. Unfortunately, the password generator is unable to create passphrases.

LastPass's "Security Dashboard" checks how secure your passwords are and lets you know of any that are compromised and need to be changed. Once the threats have been identified, you can easily fix weak passwords. For some websites, like Facebook or Reddit, this takes one click and can be done without leaving LastPass. However, for other websites, you'll need to manually change passwords on the site in question.

LastPass's autofill helps to automatically complete login, contact, and payment forms. Once the browser extension identifies an input field, a LastPass icon will appear. Click on this to view the entries saved for that site or service. During testing, LastPass was completely reliable and did not suffer from any lapses or issues. In addition, new logins are automatically saved.

You can share individual passwords or groups of them with other LastPass users in the "Sharing Center". When doing so, you can decide whether they're only able to use these, or also, to see them. Only Families plan subscribers can share entire folders.

Use this premium feature to specify an emergency contact for your account and give them access to your vault. Many people worry about what happens to their digital profiles following their death. To address this, paying LastPass subscribers can create a digital will that includes every stored file and password. As a result, you can rest assured that your information remains safe but accessible in the event of an emergency.

In our opinion, LastPass's emphasis on the basics pays dividends, and the service impresses with its easy-to-use and powerful tools.

LastPass uses AES 256-bit encryption to store passwords, which, as of the time of writing, is considered to be the most secure standard publicly available. Like many of its competitors, the app’s security model is based on the zero-knowledge principle, which means that LastPass does not save your master password. If they don't know it, neither does any potential hacker.

Data is encrypted/decrypted on the device level before being synchronized and securely saved with LastPass. Multi-factor authentication, via authenticator apps or USB and card reading devices, can be enabled to provide extra security.

The biggest security vulnerability we could identify was in terms of password resets. If you lose or forget your master password, LastPass offers several options to regain access. When you create an account, you can include a security question that will be sent to your email address if you lose your password. Recovery is also possible via one-time passwords, facial recognition, or fingerprint scans.

Security experts have uncovered a number of other weaknesses with LastPass: Tavis Ormandy, a white hat hacker, twice exploited security issues in LastPass's browser extension. Even though LastPass immediately patched these and has been transparent, password managers shouldn't have these problems to begin with.

LastPass apps are available for iOS and Android devices. After setting up your account and signing in for the first time, you’ll need to unlock your device via email and confirm your location.

The app's menu is arranged similarly to its browser counterpart, which helps to quickly find whatever feature you need. There is a dedicated browser, and when you tap on an entry's link, it will open directly in the app.

Autofill in the mobile app, both with the integrated browser and in Chrome, is as reliable as on the desktop. During our review, the LastPass icon appeared quickly, and there were only a few times that we needed to tap the input field a second time for it to display.

If you'd prefer not to input your master password every time you want to access your vault, you can unlock the app using your fingerprint. Of course, you'll have to decide whether this conforms to your security standards.

LastPass's support center offers a nice selection of articles with screenshots and links, video guides, and a forum. Since it has an integrated full-text search feature, you can easily find whatever you're looking for.

You will have to do some work to get direct support from LastPass though. At the bottom of certain help articles, you'll notice a link to get in touch with support. LastPass doesn't offer a live chat, and its "chat" just connects you to a bot that won't forward you to humans.

Response times vary depending on demand, but our question was answered after 28 hours. We wrote in German, and the answer we received in English was not satisfactory. Only after posing a question in English did we get an informative answer.

LastPass has a nicely stocked help center but could do with a bit of work when it comes to live support.

LastPass's free version used to be much more generous (and appealing). Unfortunately, in 2021, this was changed and the free version was limited in terms of features. You can still sync data between devices, but only across one type.

This means that free users can have the service either on their computer or their smartphone. You can change the device type, but comfortably using these on both types isn't possible. This differentiation is somewhat complicated and not clearly communicated in LastPass's pricing information.

Even though the free version has lost some of its shine, LastPass remains relatively affordable. Individual users can book either a Premium subscription or a Families plan - the latter includes six premium licenses.

Beyond that, LastPass offers two different Business subscriptions, the costs for which depend on the size of the team. The Teams package is envisioned for groups of up to 50 people, while Business is for 50 or more users. In addition, there's also LastPass Enterprise.

Below, we've provided a summary of current prices:

Anyone can try LastPass for 14 days, however, there's no money-back guarantee for subscribers.

LastPass certainly hasn't reinvented the wheel, but what it does, it does well, and at a relatively affordable price. Anyone who looks back on the generous free version of LastPass will likely be disappointed about the restriction to one device type.

A premium LastPass subscription provides users with access to one of the most reliable and versatile password managers on the market, a feature-rich browser extension, and a user-friendly web vault.

LastPass enjoys a good reputation among its users, as can be seen in its (mostly) positive customer ratings.

If you'd like a password manager that offers a desktop version and a web app, 1Password or RoboForm might be interesting options.

On the other hand, should you want a freemium password manager without too many limitations on cross-device syncing or data sets, look no further than NordPass or Bitwarden.

We've listed more of the best alternatives to LastPass here: