Disclosure: WHSR is reader-supported. When you buy through our links, we may earn a commission.
LastPass Review: Is It Secure and Safe to Use?
Updated: 2022-04-07 / Article by: Timothy Shim
Background: LastPass is a notable brand in the secure password manager space. Developed by LogMeIn, the service provides safe, centralized storage for usernames and passwords. It also offers value-added features like strong password generation, password sharing, and secure information storage.
LastPass makes password management so easy that you won’t even remember it’s there. The distinction between it and Google’s password management is subtle but noticeable in a good way. Aside from security, you’ll find your passwords much better organized with LastPass. Read on or visit the LastPass website.
For those used to Google Chrome or other browser’s way of password management, LastPass isn’t that different. It still asks if you want to store passwords when you first log in to a website. Yet, you get peace of mind knowing that credentials won’t wipe out each time you refresh the browser cache.
The LastPass Vault provides easy access to your password database, with many organizational tools to help you keep hundreds of passwords manageable. For example, you can sort passwords into “Folders” so they don’t simply accumulate in a cluttered mess.
For those new to the LastPass Vault, it acts much like other similar apps. You get navigation menus, search bars, and a clean interface that allows the management of each saved account. You can even add new accounts manually from within the vault – or simply import an entire Excel spreadsheet of existing accounts.
In addition, you get quick access to other helpful areas like account settings, master password management, URL host matching settings, and much more. It’s mind-boggling how complete yet easy this interface is.
Tip: New LastPass users should export the credentials stored in their web browser (or existing password manager). Save the file in CSV format, and then simply import the file to get everything stored in your LastPass Vault.
2. Encrypts Stored Credentials Locally
LastPass may be a Cloud-base service, but it uses local encryption for your credentials. When you create an account, you’ll need to provide a master password to encrypt and decrypt any data before it’s moved online.
The encryption used is top-notch AES-256 bit and PBKDF2 SHA-256. The system implements a per-user salted hash for the best in Cloud security.
3. Password Generator Feature
Many of us tend to use simple or repeated passwords since it’s hard to remember so many credentials. While LastPass eliminates that problem, you next have to think of complex passwords for each service.
That’s where the password generator comes in. The password generator isn’t a separate option but becomes available when you visit a website. Click the LastPass icon on the password field, and it’ll crank out a unique password for that website. And of course, you won’t need to remember this one either.
4. 1GB Secure File Storage Space
Users of LastPass paid plans will get access to 1GB of secure file storage space. Think of it as an area you can dump files safely – essentially just Cloud storage space. It’s nothing new or revolutionary but free with the account nonetheless.
Secure Note Storage Included
Alongside its secure file storage is something LastPass calls Secure Note Storage. Instead of jotting down temporary passwords or other confidential information in plain text, do it safely. As with all other data, these notes are well encrypted.
5. Dark Web Monitoring Service
Even the most secure websites and servers are getting breached today. The speed at which these incidents occur is so fast you’ll have a hard time tracking them. LastPass keeps an eye on the dark web and scans for any chatter related to your information.
If it detects anything such as credentials for sale that matches yours, the system will notify you.
The dark web monitoring service is part of the LastPass Security Dashboard that gives you a bird’s eye view of the health of your passwords. It also keeps an eye on passwords you store to ensure you don’t practice bad habits like repeat or simple passwords.
6. Multifactor authentication
LastPass offers everyone (even free users) multifactor authentication (MFA) to secure your information further. This additional layer of security makes use of a second verification method like an app for better security.
MFA is simple to use, and most of us will already be using an authenticator app such as Google Authenticator. All you have to do is run the app and use it to scan the LastPass QR code. Then it’ll add LastPass to your list of services, with a corresponding six-digit code for verification.
You can also use the LastPass Authenticator app if you want easier approval for password access and such. Teams and Business plan users have options for advanced MFA like using a YubiKey or fingerprint readers.
As a last resort, if you want to use SMS, that’s also possible. However, given the prevalence of phone number spoofing and similar scams today, I don’t recommend you go this route.
7. Free Version Available
The gem in the LastPass crown is that it has a fantastic free version. Unlike many competitors who try to cripple free accounts with tons of limitations and feature restrictions, LastPass provides a near-complete product.
The only things you don’t get are the bells and whistles. For example, you can use LastPass free on multiple devices. The restricting factor is that you have to choose a single platform. If you decide to use it on your PC, you can’t use LastPass free on your smartphone.
8. Use LastPass on Any Platform
LastPass works on almost any platform since it offers browser-based extensions. While that doesn’t cover all browsers under the sun, it includes mainstream options like Chrome, Firefox, Edge, and Opera.
There are also LastPass native apps for Windows, macOS, or Linux for those who are more old-school.
Cons: What I Dislike About LastPass
1. May Clash With the Browser Password Manager
This disadvantage isn’t unique to LastPass but applies to all password managers. If you’re used to using your browser to store credentials, you’ll need to disable that feature before using LastPass. If you don’t, it tries to compete with the browser credential manager, causing a big old mess of things.
This problem sounds simple to resolve. However, having used the browser for so long, I struggled to stop managing my passwords. Once you manage to do that, things will go (mostly) smoothly.
2. Doesn’t Support Crypto or PayPal for Payments
As a bonafide netizen, I dislike websites trying to get me to pay via my credit card. If you aren’t in the US, you’ll lose on the currency exchange at bank rates since LastPass charges in USD. For me, PayPal is the way to go.
Alternatively, many merchants are beginning to accept various cryptocurrencies. Either would be fine, but LastPass supports neither. It’s a major annoyance to me, although not everyone will have the same pet peeves.
You can pay for LastPass using a credit (or debit) card, nothing else.
LastPass Plans and Pricing
LastPass offers two main categories, one for Single Users and Families and the other for Teams and Businesses. The Teams and Business versions are more suited for deployment from a centralized command point.
LastPass Single Users and Families: Starts Free
The more consumer-oriented version of LastPass starts free. It’s essentially a trial that doesn’t expire. The great thing about the free version is that it includes essential features. The paid version, however, has more security features like MFA and other frills.
The families version extends the license to six users and lets you share folders. Aside from that, it’s no different from the Premium version.
LastPass Premium costs $3/mo while the Families version costs $4/mo.
LastPass Teams and Business
LastPass Teams and Business strips some controls from user accounts and vests them with the administrator. That way, organizations can somewhat control the way employees use LastPass. There’s also the option to add more advanced security features for LastPass Business.
LastPass Teams costs $4/user/mo while LastPass Business costs $6/user/mo.
I’ve been using LastPass free for months now, and it’s the third (or fourth) password manager I’m testing. It’s also lasted the longest for me, and I’m simply waiting for their Black Friday deal to grab the premium version.
Most of the brands I’ve tried so far have been less “in sync” with how they work on various websites. Some have been outright buggy. LastPass has been the ideal password manager model so far, and I look forward to using it for a long time to come.
Timothy Shim is a writer, editor, and tech geek. Starting his career in the field of Information Technology, he rapidly found his way into print and has since worked with International, regional and domestic media titles including ComputerWorld, PC.com, Business Today, and The Asian Banker. His expertise lies in the field of technology from both consumer as well as enterprise points of view.