- Our Take
- Pros & Cons
- How Does LastPass Measure Up to the Competition?
- LastPass Features In-Depth
- Who Is LastPass For?
- Why Use a Password Manager?
LastPass is one of the most popular password managers out there, but how does it hold up as an online security tool?
LastPass is one of the best password managers out there. Create complex passwords with the password generator and store them securely behind an unbreakable encryption wall in the Password Vault.
Thanks to an additional layer of security—provided by multifactor authentication—your sensitive information will be kept out of the reach of hackers and cybercriminals. With LastPass, you’ll also benefit from additional security features including, autofill, password auditing, and dark web monitoring.
- Free unlimited password storage.
- Multifactor authentication options.
- Dark web monitoring.
Protection for Your Accounts
LastPass generates super-strong passwords for each of your accounts and then stores them behind an unbreakable wall of AES-256 bit encryption. This military-grade encryption makes it impossible for hackers to break into your password vault to steal your login details.
Plus, the passwords LastPass provides are long and complex, with a mix of upper and lowercase letters, punctuation marks, and numbers that would take hackers hundreds of years to crack with brute force attacks.
Additional Security Features
LastPass goes beyond a simple password manager by offering additional helpful security features, including:
- Multiple two-factor authentications (2FA) to protect against phishing attempts, as well as biometric login options.
- Password auditing to check your password vault for old, weak, or duplicate passwords.
- Dark web monitoring automatically alerts you if your personal information is at risk, helping prevent data breaches.
- Automatic password changer for selected supported sites without needing to do it manually.
- Secure password and records sharing with multiple users, or one with one person if you’re using the free plan.
- Several account recovery options, even if you lose your master passwords and emergency access available for your trusted contacts.
- Credit report monitoring to identify any suspicious activity and prevent identity theft.
Pros & Cons
As you can see, LastPass does a lot more than store your passwords safely, but it doesn’t come without its pitfalls.
Pros of LastPass
- Multiple options for two-factor authentication
- Customizable password generator
- Additional protection against data breaches with Dark Web monitoring
- Supported by all major operating systems and browsers
- Automatic password changer for extra protection
- The free version is packed full of features, including unlimited password storage
- 30-day free trials are available for LastPass’ paid plans
Cons of LastPass
- Importing passwords into the LastPass vault can be difficult
- The automatic password changer works on just 70 sites currently
- The free version only permits an account on desktop OR mobile devices.
- Credit report monitoring is currently only available in the U.S.
How Does LastPass Measure Up to the Competition?
LastPass is just one of the many password managers on the market. While it is an excellent choice for protecting your login credentials and more, it’s worth remembering that there are comparable options.
Myki: Excellent Offline Password Storage
Like LastPass, Myki offers several additional security features along with its password vault and generator, including:
- Secure storage of additional sensitive information, such as payment cards and forms of identification
- Built-in two-factor authentication that you can configure to sites of your choosing
- Sharing of accounts, credit cards, and secure notes without revealing passwords
What we like: What sets Myki apart from the competition is password storage on your devices (offline) as opposed to the cloud. Storing your passwords locally makes it even more difficult for hackers to access your data.
What we don't like: The form-filling feature of Myki is not as reliable as that of LastPass, but it has impressive compatibility, being supported by all the major operating systems and browsers.
RoboForm: Great Choice for Form-Filling
As the name suggests, RoboForm is a password manager that excels at automatic form filling. As well as the usual tools, such as a password generator and auditing tools to identify at-risk passwords, you can use RoboForm to autofill even the most complex of web forms with spot-on accuracy. Plus, you can create your own customized form from seven templates, with as many fields as you want.
Additional features of RoboForm include:
- Bookmark storage
- Emergency access
- Multifactor authentication
- Secure sharing of logins
What we like: Save time by having RoboForm fill out your complex forms with complete accuracy.
What we don't like: Unfortunately, the free plan doesn’t allow for syncing across your devices, but like LastPass, the paid plans are surprisingly affordable.
LogMeOnce: Packed with Features
You might think that LastPass has lots of features, but wait until you see what LogMeOnce has to offer. This password manager has so many features, but how likely are you to need them all? With LogMeOnce you get:
- Unlimited saved password and number of devices, with compatibility and syncing across all major operating systems
- Several authentication options
- Secure Wallet to automatically fill payment details
- Password generator
- Secure password inheritance and sharing
What we like: Unlike LastPass, with LogMeOnce, you can import passwords from other password managers fairly easily.
What we don't like: You're stuck viewing mandatory adverts in the free version.
LastPass Features In-Depth
LastPass is everything a password manager should be, and with a free version available, everyone can take advantage of its security features. Let’s look at these features in a little more detail.
Data breaches are becoming ever more common, but if you store your data in the Password Vault from LastPass, it’s kept private, even from LastPass. With your master password, only you have the key to decrypting your passwords and other sensitive data.
Besides passwords, you can save a wide range of entries into your encrypted vault, including (but not limited to):
- Payment details
- Bank accounts
- Social Security numbers
- Insurance policy information
- WiFi passwords
- Software licenses
You can even create fully customizable entries, which is just as easy as the pre-made ones.
If you’re new to LastPass, you can import your login details for various sites or enter them manually. If you use the browser extension, LastPass will automatically capture and remember your login credentials as you enter them into a website.
Sign up for a new account or change an existing password, and LastPass will automatically offer to generate a secure password. By default, the generated password will be 12 characters long with a mixture of upper and lowercase letters, numbers, and symbols.
Over 80% of hacking-related breaches are the result of weak or stolen passwords.
You can customize your password to be ‘Easy to Say’ (omits numbers and symbols) or ‘Easy to Read’ (no ambiguous characters like five or S), and you can make your password all characters if you want to give hackers a real challenge. You can also increase or decrease the length of your password, but if you use a mixture of all four character sets, it will be robust enough, taking an estimated 34 thousand years to crack.
Whether you use the password generator or not, LastPass will update the associated entry and store it securely. You can rest assured that your generated passwords will never be sent across the web, where hackers could intercept them.
Whether you use the password generator or not, LastPass will update the associated entry and store it securely. So you can rest assured that your generated passwords will never be sent across the web, where hackers could intercept them.
Generate Strong Usernames Too
Just as you should use unique passwords for each of your accounts, you should also use different usernames whenever possible to give you an extra layer of security—it’s just something else a hacker will have to crack.
LastPass also has a username generator to create secure, random usernames for your accounts, which has the same customization options as the password generator.
You can give away a lot of personal information in a username, so remember:
- Never use your SSN as a username.
- Bank account and email usernames should be different.
- Avoid using personal numbers, like a birthdate, in your username.
- Make sure your username protects your identity, i.e., don’t use your full name.
- Create usernames that are hard to guess but easy for you to remember.
Using LastPass’ multifactor authentication options can help to enhance your security. It means that whenever you want to log into your account, you’ll need to provide your master password and either scan your fingerprint or enter a code. This added layer of protection ensures a hacker can’t access your password vault, even if they got their hands on your master password.
LastPass also offers various 2FA options, being compatible with multiple third-party authenticator apps, including Google Authenticator and Microsoft Authenticator. Plus, all LastPass plans include a built-in authenticator, which supports three different authentication methods:
- Push notifications
- SMS codes
- 6-digit passcodes
Save and Autofill
LastPass will automatically fill in your login details for the accounts with passwords saved in the vault when you visit the relevant site. For example, if you’re a regular online banker, your username and password are automatically added with a single click when you visit your bank's website.
Auto-filling account details protect you from scammers that may have installed spyware on your device to monitor your keystrokes. They may know you’ve visited your online banking site but will be unable to get your account details as you don't need to enter them manually.
With LastPass, you’re not limited to auto-filling your account credentials. You can also autofill credit card information, delivery addresses, and more.
Dark Web Monitoring
LastPass monitors your email addresses continuously within a database of breached credentials. So you’re immediately sent alerts if your sensitive information is compromised.
It’s straightforward to set up. All you need to do is turn on monitoring for the email addresses you want to keep an eye on. If you receive an alert if you’re at risk of a security breach, you can take the necessary action to protect yourself, such as changing your password.
Dark Web monitoring is part of the LastPass Security Dashboard, which gives you a helpful overview of the security of your stored accounts. Along with Dark Web monitoring, you can use the Security Dashboard to:
- Update weak and duplicate passwords to reduce your risk of “password reuse attacks,” a common tactic used by hackers to gain your login credentials.
- Check and improve your overall security score, which is calculated based on the strength of your passwords and whether you’ve enabled two-factor authentication.
Who Is LastPass For?
LastPass is a great password manager for those looking to secure their online accounts with unguessable passwords and keep all their login credentials safe from the prying eyes of scammers.
Compared with some other password managers on the market, it’s packed full of extra features to help prevent your information from ending up in the wrong hands, such as:
- Dark web monitoring
- Password auditing
- Multifactor authentication
You may find that the free plan from LastPass has all you need to keep your passwords safe and secure. However, if you’re looking for extra security or want to protect the whole family, the Premium and Family plans are very well priced. Take a look at the table below to help you decide which plan is right for you.
LastPass Plans and Features
|Feature||Free Plan||Premium Plan||Family Plan|
|Device access||Mobile or desktop||All devices||All devices|
|Save and Autofill Passwords|
|Dark Web Monitoring|
|Priority Tech Support|
Why Use a Password Manager?
Online security experts recommend you have complex and unique passwords for each one of your online accounts. This helps prevent scammers from hijacking your accounts and stealing your sensitive information. However, it’s almost impossible to remember them all. In fact, research has shown:
- The average U.S. internet user is locked out of 10 accounts per month
- 50% of internet users do five password resets a month
- 57% of people forget a new password immediately after resetting it
Thankfully, password managers exist to help you create and store complex passwords, ready to be filled in automatically whenever you need them. Not only will hackers find it impossible to crack your passwords, but they also won’t be able to steal them either, as they are secured behind a wall of encryption.