All About Cookies is an independent, advertising-supported website. Some of the offers that appear on this site are from third-party advertisers from which All About Cookies receives compensation. This compensation may impact how and where products appear on this site (including, for example, the order in which they appear).
All About Cookies does not include all financial or credit offers that might be available to consumers nor do we include all companies or all available products. Information is accurate as of the publishing date and has not been provided or endorsed by the advertiser.
The All About Cookies editorial team strives to provide accurate, in-depth information and reviews to help you, our reader, make online privacy decisions with confidence. Here's what you can expect from us:
/images/2023/03/03/logo-lastpass.png){kind=logo}
Helpful features like family profiles and a password generator
Compatible with lots of browsers, OS, and devices
All About Cookies is an independent, advertising-supported website. Some of the offers that appear on this site are from third-party advertisers from which All About Cookies receives compensation. This compensation may impact how and where products appear on this site (including, for example, the order in which they appear).
All About Cookies does not include all financial or credit offers that might be available to consumers nor do we include all companies or all available products. Information is accurate as of the publishing date and has not been provided or endorsed by the advertiser.
The All About Cookies editorial team strives to provide accurate, in-depth information and reviews to help you, our reader, make online privacy decisions with confidence. Here's what you can expect from us:
Although LastPass is a user-friendly password manager with plenty of features, its suffered too many breaches for us to feel secure about using the product. LastPass was breached twice within months of each other in the latter half of 2022.
As far as the actual service, LastPass has a host of features like a password generator and dark web monitoring, which serve as useful tools to anyone looking for increased security online. Our testing proved that it was easy to use, although there were some bugs with features like password sharing.
The free, individual, and family plans all offer convenient ways to store sensitive information that’s easily accessible and supposedly safe. With a manageable price and integrated browser extensions, it’s up to you to decide if you can look past the security issues.
| Price | Free–$4.00/mo |
| Free version | Yes |
| Number of users | 1 to 6 |
| Compatibility | Windows, macOS, Linux, Android, iOS |
| Browser extensions | Chrome, Firefox, Edge, Safari, Opera |
| Password sharing | Yes |
| Encryption | AES-256 |
| Password generator | Yes |
| Password strength report | Yes |
| Autofill | Yes |
| Digital legacy | Yes |
| Cloud storage | No |
| Details | Get LastPass |
We put every password manager through vigorous hands-on testing by downloading the software to our own devices. We test how the product works on both mobile and desktop, evaluating how well we're able to save, share, and use passwords across a variety of situations.
By taking a fine-tooth comb through all available features and settings, we carefully compare each product using our proprietary grading rubric. The star ratings take into account price, features, extras like cloud storage and data breach alerts, plus looks at security and privacy features like encryption levels and past data breaches.
To learn more about how we test, check out our full testing methodology here.
We last tested LastPass on November 1, 2024.
Helpful features like family profiles and a password generator
Compatible with lots of browsers, OS, and devices
We found LastPass to be fairly easy to navigate and use. We installed the LastPass Business extension on our Google Chrome browser. Every type of information you can input into your vault is clearly labeled on the dashboard.
/images/2024/11/01/lastpass_review_1124_refresh_16.png)
For testing, we navigated to Amazon and opened the create account page. The LastPass icon popped up on several lines to autofill our information. It also suggested a strong password to use with our account.
/images/2024/11/01/lastpass_review_1124_refresh_19.png)
Although the LastPass icon was convenient in this case, we found it popping up when it wasn't needed. We went to save an image on Photopea and the LastPass icon blocked the image name cell. Luckily, LastPass does have a Never URLs section in its settings where you can add sites to whitelist.
/images/2024/11/01/lastpass_review_1124_refresh_18.png)
Another issue we encountered was with the password sharing feature. We tried to share one of our vault items but we kept receiving an error.
/images/2024/11/01/lastpass_review_1124_refresh_17.png)
Funnily enough, the error only states, "We're not sure what went wrong" and encourages us to contact customer support if the error persists. This was frustrating, especially because we couldn't even get in contact with an agent via live chat. The only option would be to call.
Overall, LastPass is largely easy to use but some of the issues we encountered make it less user-friendly for inexperienced users.
LastPass ranges in price from Free–$4.00/mo. There's a free version along with a Premium plan and a Families plan.
The free version of LastPass comes with a surprising number of useful features like autofill capabilities and a password generator. This is great for anyone who doesn’t need to share their passwords with anyone else or use them across multiple devices.
If you do need a little more from LastPass, paid plans come with enhanced features like phone support and emergency access for family members who may have forgotten their password. The Premium plan is for one user but can be installed on unlimited devices. The Families plan can cover up to six users.
| Plan | Free | Premium | Families |
| Price | Free | $3.00/mo (billed annually) | $4.00/mo (billed annually) |
| Number of users | 1 | 1 | 6 |
| Number of devices | 1 | Unlimited | Unlimited |
| Password vault | |||
| Autofill | |||
| Password generator | |||
| Two-factor authentication | |||
| Encrypted storage | |||
| Security dashboard | |||
| Dark web monitoring | |||
| Emergency access | |||
| Personal support | |||
| Details | View Plans | View Plans | View Plans |
LastPass prices are on par with Keeper and 1Password. All three services charge annually but like to advertise the products by what the annual price equates to monthly. For a truly transparent view of each of these, please look at the starting prices for several popular password managers:
LastPass: $3.00/mo (billed annually)
LastPass costs less than Dashlane's personal plans, but other password managers like NordPass and Bitwarden are cheaper.
It's worth noting that Keeper, 1Password, Dashlane, NordPass, and Bitwarden haven't been breached, while LastPass has suffered several security breaches.
Since its humble start as a password manager, LastPass has continued to expand its offerings to provide a number of features aimed at security. For example, the emergency access feature, one that allows you to will your password vault to someone upon your passing, is an especially useful feature as more of our lives move online.
Take a look at some of the other features and what they can offer.
Even though Netflix may be cracking down on password sharing, it doesn’t mean we won’t continue to share. LastPass has thought of this and created a safe and effective way for you to share passwords with friends, family, roommates, or colleagues.
/images/2024/11/01/lastpass_review_1124_refresh_11.png)
The Sharing Center within the LastPass dashboard allows you to send passwords to anyone while continuing to keep that information encrypted. It’s way better than pasting the Disney+ password into a text to your mom for the 15th time.
Unfortunately, this feature didn't work at all during our testing. We kept receiving an error with no explanation. Hopefully this is just temprorary.
With the free plan, you can use one-to-one sharing, which allows you to share your passwords and saved items with one person at a time. With the paid plans, you can also use one-to-many sharing, which allows you to share your saved with multiple people.
If you’re an Apple person, you may be familiar with the password generator that comes standard as a part of iOS. LastPass also provides this service with its own proprietary password generator.
/images/2024/11/01/lastpass_review_1124_refresh_02.png)
As we tested the extension, the generator would pop up if we were creating a new account. Its also easily accessible from the LastPass extension if the generator doesn't pop up on its own.
When the browser extension is enabled, you can automatically create a secure password directly on a website. These unique combinations make for strong passwords and can help increase your security. LastPass will then save the new password to your vault.
The autofill feature in LastPass creates a profile of you with the information you want, like phone number, address, credit card info, and more. You can fill online forms by clicking the browser extension in your toolbar.
In addition to this being convenient, it also helps avoid keylogging, which is where everything you type is recorded.
From the Security Dashboard, you can find your Security score. This feature evaluates your passwords, password hygiene, and sharing practices and evaluates your score based on how you use passwords.
For instance, if you use the same password multiple times, your strength score is lowered because there are more chances to breach this password. If you use unique, complex passwords for all your accounts, you’ll end up with a high rating.
/images/2024/11/01/lastpass_review_1124_refresh_12.png)
Our score was lower because we had some repeated passwords and hadn't enabled multi-factor authentication yet. If you click through on the View passwords button, LastPass will clearly list the issues with your passwords along with a button to correct them.
Additionally, you’ll need to continue to monitor LastPass as it scans the web for data breaches. If your password appears in a breach, it’ll lower your score and suggest you change the password.
Digital legacy is a uniquely 21st-century problem. What do you do with a person’s online accounts when they pass away?
LastPass allows you to grants someone emergency access in case of a forgotten password. You can also grant temporary access or update specific folder permissions to share the passwords within and skip sharing your master password.
You can also name heirs to receive access to your vault in the event of your passing. This can help families or loved ones who are trying to access bank accounts, medical information, emails, and other services.
Additional bonus features offered by LastPass for business and family accounts are:
/images/2024/11/01/lastpass_review_1124_refresh_14.png)
Since LastPass has such a robust free product offering, it’s more than likely the company is selling data to recoup profits lost. After reading the U.S. privacy policy listed on the website, it's pretty clear that’s exactly what’s happening. LastPass is even using aggregated data from other parts of the web to create a clearer picture of you for marketing purposes.
Under "How We Use Your Data and Legal Basis," the policy states your data is used to "identify prospects for marketing purposes."
The description reads, "Analyze our records to identify prospects as well as their presumed or identified needs or preferences and serve ads and other communications that may be of interest to you.” Identifying “prospects for marketing” means selling your data to marketers.
It’s also concerning that LastPass notes it can “Rectify or correct personal data about you that is inaccurate, incomplete or out-of-date” you provide along with data it collects from outside sources. Why would a password manager need to “correct and enrich” your personal data? Why wouldn’t it just store your passwords and leave the rest of your identity alone?
These are the types of questions you should ask when looking at a product to which you give so much information. Since you’re sharing personal, financial, health, and other login details with LastPass, selling that information seems counterintuitive to the purpose of its service — keeping your data secure.
LastPass claims a significant amount of security certificates and advertises its Bug Bounty program in an effort to show customers how dedicated it is to security.
The most recent third-party security certificate was issued in July 2022, directly before the major hacks that stole source code and encrypted password vaults from LastPass’ servers.
Honestly, probably not. LastPass suffered two major security incidents in 2022 that left customers’ data exposed, with the October breach including encrypted password vaults. Inititally, LastPass didn't recommend any actions at all and just assured userse that the passwords stored with the service were secure.
The previous cybersecurity incident in August 2022 saw hackers getting away with some of LastPass’ source code.[1] Source code is the foundational structure, the DNA, of any software. Like DNA, if you alter part of it, you can alter the entire entity.
In March 2023, LastPass released an update stating that no threat actor activity had been seen since October 26, 2022. It also provided security bulletins with recommended actions for LastPass users. But with competitors like Keeper and NordPass having never been hacked, it’s probably safer to go with one of those services.
It’s worth noting that if you're a LastPass customer, changing your passwords may not be enough to protect your accounts. You should enable multi-factor authentication and update your privacy settings to keep accounts safe.
Two-factor (2FA) and multi-factor authentication (MFA) allow you to add extra layers of security to products that handle some pretty private data. This type of passwordless authentication can supplement the security holes found in password security.
LastPass takes advantage of this technology by using 2FA and allowing you to go deeper by enabling multi-factor authentication. LastPass has a proprietary authenticator but also allows for integration of other authenticators, such as biometric logins, which improve the security of 2FA.
/images/2024/11/01/lastpass_review_1124_refresh_04.png)
The least helpful aspect of LastPass is its customer service.
While you have to be subscribed to a paid tier like Premium or Family to access personal customer service, you’re still encouraged to sort through the self-help section before reaching out to the call center. Like most self-help sections of technical sites, finding answers to more obscure questions can be time-consuming and frustrating.
Previously, LastPass noted it was receiving larger than normal call volume. The notice on the support page went on to encourage you to search for your support topic in the self-help section.
As you may have guessed, you’ll only get general suggestions on the self-help pages instead of direct answers to your questions. If you’re looking for a solution to a less common issue, you may find yourself searching for a while.
LastPass has added a chatbot that links to a live person if you can’t find what you’re looking for in self-help. When we tried to reach out to an agent, the chatbot let us know that no one was available and created a case for us. Considering there's nowhere listing the chat hours, we're not sure how usable this option actually is.
/images/2024/11/01/lastpass_review_1124_refresh_15.png)
LastPass claims compatibility with a myriad of browsers, mobile devices, and operating systems. For web browsers in general, the two most recent versions work with LastPass. Anything older than that, and you’ll need to update your browser.
Keep in mind that free users are also limited to one device, so be sure to install it on a device that you use to log in to your accounts most often.
Operating systems and mobile apps
Browsers
LastPass is a solid password manager but we don't blame you if you're offput by its history of data breaches. Here are some other password managers to consider that haven't been breached (as of this writing):
 |
|
|
|
| Star rating | |||
| Starting price | Starts at $1.29/mo (billed every two years) | Starts at $0.99/mo | Starts at $2.92/mo (billed annually) |
| Compatibility | Windows, macOS, Linux, iOS, Android, Chrome, Firefox, Edge, Safari, Opera | Windows, macOS, Linux, iOS, Android, Chromebook, Chrome, Firefox, Edge | Windows, macOS, Linux, iOS, Android, Chrome, Firefox, Edge, Safari, Brave, Opera |
| Autofill | |||
| Password sharing | |||
| Password generator | |||
| Digital legacy | |||
| Learn more | Get NordPass | Get Roboform | Get Keeper |
LastPass’ trustworthiness has come into question with two back-to-back breaches in August and October 2022. Competitors Keeper and 1Password both boast similar levels of security without data breaches or being hacked.
LastPass has encountered more security breaches than we’d like to see from a security provider. It also can become glitchy on devices like Apple Watches or with macOS updates.
LastPass has been involved in multiple data breaches with the last one being revealed in December 2022. LastPass shared details of the latest breach plus information collected in previous breaches in a blogpost on its site.
Significant amounts of customer data were obtained in the most recent breach, and all LastPass customers are encouraged to change all passwords stored on the site.
Both Keeper and NordPass are top alternatives to LastPass. As of the date of publishing, neither service has suffered a hack or data breach.
While Google has a proprietary password manager built into Chrome, Google’s password manager isn’t safe enough to trust all your data to the service. A third-party service like the two we’ve mentioned will add another layer of security.
Yes, LastPass was hacked in August 2022, and that information was used to perform another, more expansive breach in October 2022. Among the data stolen were customers’ encrypted vaults and source code from LastPass itself.
No, LastPass is based in Fairfax Virginia. It was originally owned by LogMeIn, now called GoTo, which is based in Boston, Massachusetts. LastPass became a standalone company in 2021.
Even if we could be 100% sure that LastPass fixed its security flaws and we knew changing our passwords in our vaults would keep our accounts safe, LastPass has suffered too many security incidents to feel like a good product.
The fact that the first security breach of 2022 happened a month after LastPass received its third-party audited security certificate is worrying. On top of that, the dicey privacy policy and aggregated collection of data feels out of place for a security-focused company.
That isn’t to say you shouldn’t use a password manager. They help keep everything organized so you don’t lose your passwords. If they contain features like a password generator, like LastPass does, then you have additional security with strong, unique passwords suggested and saved for you.
See how LastPass compares to more secure password manager options:
Helpful features like family profiles and a password generator
Compatible with lots of browsers, OS, and devices
[1] Notice of Recent Security Incident
[2] LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen
/images/2023/04/25/nordpass-review.png)
/images/2022/05/09/passwords-on-sticky-notes.jpg)
/images/2024/10/28/password_managers_prices_nordpass.png)
/images/2022/08/18/how-to-stop-facebook-ads.jpg)
/images/2024/10/18/finger_art_do_you_save_passwords_in_a_browser.png)
/images/2024/10/18/reset_password._text_on_tablet_device_on_a_wooden_table.png)
/images/2024/08/06/bitwarden_vs._1password_featured_image.png)
/images/2024/07/29/microsoft-edge-password-manager.jpeg)
/authors/mary-james_allaboutcookies-author.jpg){kind=small}
/authors/steph-trejos-allaboutcookies-editor.jpg){kind=small}
/authors/catherine-mcnally-allaboutcookies-editor.jpg){kind=small}
/images/2023/03/03/logo-lastpass.png){kind=logo}
/authors/mary-james_allaboutcookies-author.jpg)
/authors/steph-trejos-allaboutcookies-editor.jpg)