LastPass was initially released in 2008. The service is among the most popular and successful password managers on the planet with more than 13.5 million users (as of 2019).
LastPass used to be the king of password managers — now it’s just the king of Windows password managers. For all other users there are better options with better implementations of core features.
LastPass supports all three major operating systems (Mac, Windows, Linux), and virtually every major browser (Chrome, Firefox, Safari, Internet Explorer, Edge, Opera). It’s also available on Apple iOS, Android, and Windows mobile devices.
In 2011 a network traffic anomaly prompted the company to alert users of a potential breach. No evidence of an actual breach was found, though. In 2015, LastPass was acquired by LogMeIn, Inc — a move that many found controversial.
In June of 2015, a security breach took place that exposed email addresses, password reminders, server per-user salts, and authentication hashes. All sensitive encrypted data was not affected. Almost a year later, in 2016, vulnerabilities in the LastPass browser extensions were disclosed and fixed. A similar exploit appeared in 2017 and was promptly patched and resolved.
LastPass does everything that you would expect a password manager to do. That’s part of the problem though; it doesn’t do anything surprising or unique. If anything, the product relies on tried and true use patterns and utilities that every other product under the sun uses. The good news is that you won’t have to learn any new ways of interacting with your tech to use the product.
One thing I love is how the password generator works. Most password managers contain password generators, but nearly all of them hide that feature in the app or browser extension area. LastPass includes it directly in the form itself, which makes it easier, and quicker to use.
LastPass also supports secure notes, multi-factor (or 2-factor) authentication, sharing, and digital wallet features (credit cards and identities).
One other thing that LastPass does is allow you to set a password hint if you lose or forget your master password. This could come in pretty handy, indeed.
If you’ve ever used 2-factor authentication, or TOTP (one-time password), you’ll know what I mean when I say it can sometimes be tedious to find your phone, and type or copy and paste the codes within the time-based window.
LastPass has a neat feature that allows you to log in with one tap on a handful of ‘top sites.’ The way it works is when you log in, the mobile app will alert you and allow you to tap the green checkmark for entry instead of typing a code.
See the video below for the feature in action.
However, this feature only works on a handful of sites, and I was unable to find a list, or determine how widely available it was.
The Authenticator feature is meant to be a drop-in replacement for something like Google Authenticator or Authy, but I’m not sure I’d migrate until testing it more thoroughly with all of the services I use regularly.
This is something that most password managers have called “Digital Legacy.” If you are not able to access your logins (in the event of death, hospitalization, etc.), family members can request access on your behalf.
The problem with the way that LastPass implements this feature is that the members also have to be LastPass users. In my opinion, this is a significant, glaring oversight that dramatically degrades the utility of this feature.
LastPass has a generous free version that allows you to install the app on all of your devices and use an unlimited amount of passwords, secure notes, multi-factor authentication and more. It’s by far the best free version of any password manager I’ve seen so far. One limitation is with sharing — you can only share “one-to-one.” This means that you can share a password, but you’ll have to share them with each person individually.
With the Premium plan, you get “one-to-many” sharing, emergency access, priority support, and LastPass for applications. As per other services, you also get upgraded file storage (1gb). LastPass for applications is a feature for Windows machines that allows you to login with autofill or launch directly from the taskbar.
There’s also a family plan that includes up to 6 users for $4 per month.
LastPass seems to be an excellent option for Windows users, but other password managers are getting better at multi-platform and may be eroding their competitive head start.
In terms of originality, LastPass does deserve some cred, as it was one of the first services to gain traction. That said, it’s also suffered under the weight of that crown with more security incidents than most competitors, and a massive $110 million sale that left many disgruntled users looking for new options.
All things considered, if you’re not a hardcore Windows user and are open to using a paid service, I think there are other, better options in 2020.