LastPass review: Deep dive into the good and bad of this famous password manager
When it comes to choosing a password manager, you need to be extra careful. That’s because you’re going to trust it for the most critical digital asset – your password. That’s why you should do a thorough background check for the utility’s security, credibility, and resilience.
However, some brands have withstood the test of time. One such brand is the LastPass password manager.
But didn’t it make it to the news for some security issues? We hear you ask!
Well, LastPass is one such tool that has an impressive service together with a shaky cybersecurity history. So, you might have to learn about it in detail before opting for it.
To help you with that, we have come up with this extensive LastPass review. So read along to find out more about LastPass as we touch every bit of its good and bad.
LastPass password manager overview
LastPass is quite an old player among the password managers. It started back in 2008 as a standalone password manager. Later, in 2015, the software firm LogMeIn, Inc acquired LastPass not before the latter took over the Xmarks browser extension for syncing passwords. This move already hinted at how LastPass rules the realm of passwords in the coming years.
Although, later, in 2018, LastPass had to shut down Xmarks owing to its similarity of services with LastPass.
Nonetheless, the rise of LastPass popularity among the users clearly proved it a wise decision by LogMeIn.
And now, they have a single yet dominant password management product that offers every feature of or relating to passwords.
Today, LastPass doesn’t only serve as a tool to store passwords. Instead, it functions as a personal assistant to the users regarding the secure storage and ready accessibility of their sensitive data on the go.
Currently, LastPass is available as an app for PCs and mobile devices and a browser extension. This diversified availability lets you quickly sign in to your accounts through any devices you own or can access.
With LastPass, you neither have to worry about remembering loads of passwords. Nor do you have to worry about saving your important stuff other than passwords, such as your credit card details, as LastPass will also take care of that.
Curious to know more? Let’s delve into the features in detail through this honest review of LastPass.
LastPass key features
When it comes to features, LastPass offers much more than what you expect from a typical password tool. Aside from password generation and storage, it allows you to use the tool as the go-to wallet for your sensitive data. That too, with thorough privacy and security.
In this LastPass extensive review, we have described every detail of the app features to help you understand the tool.
The most attractive feature of LastPass is its catchy interface. From their website to the app, they have taken care of making the interface appealing and easy to use even for a non-techie user.
We really liked the LastPass layout, by the way. With a catchy color scheme of red and black, LastPass bears an intuitive and user-friendly interface across all of its apps.
After visiting their website, you can easily find the “Get LastPass Free” button to start registering yourself on the platform. Besides, you can also find easy options to learn about how this tool works to serve you.
Likewise, after downloading the app, you will be welcomed by a virtual guide tool to help you start navigation. Even if you skip the tour, you can still find all the options conveniently located in the sidebar.
To begin with, LastPass comes with an inclusive password management feature. Here, you can not only save and store new passwords but can also save past ones.
For this, the tool allows you to ‘Import’ the passwords from any other password manager. You can also import passwords saved in your browser to LastPass.
While LastPass supports most password managers to import files from, in case you don’t find yours in the list, you can export a CSV file of passwords from your password manager and upload it to LastPass.
Besides importing, you can also ‘Export’ your passwords to other places from LastPass.
Quick password auto-fill and auto-logins
What’s the use of using a password manager if you have to type in complex passwords anyway?
Well, LastPass saves you from this hassle by providing you with a swift automatic form filling option.
Using this feature, you let the password manager fill up forms on your behalf with the relevant information, including your passwords, bank/card details, or addresses.
Want to have a more convenient sign-in process? Simply enable the auto-login feature of LastPass when saving your password. The tool will then automatically sign you into the allowed websites whenever you visit them.
Disable LastPass on some sites
Although, automatic login is a convenient feature to save the time required to wait for logins. However, you might want to change your decision sometime later.
In such a case, no need to do anything with your account password. Instead, simply stop the LastPass tool from a specific function(s) on certain websites.
Besides, you can also check the “Disable auto-login” option when storing a password for the first time to your vault.
LastPass comes with an impressive password generator that saves you from the hassle of creating strong passwords.
Of course, remembering complex gibberish to create strong passwords is not easy. However, since LastPass allows you to store your passwords, you don’t have to worry about memorizing some random meaningless characters.
With their password generator, you can create passwords up to 99 characters long. You can also decide whether your password should have uppercase letters, lowercase letters, numbers, symbols, or a combination of two or more of these. You can even choose all four of these elements to create the strongest passwords.
After deciding the parameters, the tool will generate a random password. You can then copy and paste it to the website you need a password for.
Username generator tool
Like your passwords, your usernames also play an important role in keeping your accounts secure. If you have set up strong usernames, any hackers attempting to brute force won’t even get the chance of reaching your passwords as your usernames would cause a hurdle.
But what else should you use instead of your real names as your usernames?
LastPass has got you covered with a fantastic username generator tool.
Using this tool, you can get some really strong usernames, just as LastPass suggests passwords. When needed, you can use this username generator to pick a random strong username with your desired alphanumeric combination. After that, copy the suggested username and paste it on the site you need to set up a username for.
Although, you won’t find this option in the LastPass app since the service offers it as an online tool on their website.
Nonetheless, this easy availability also makes this feature usable (and valuable) even for non-users.
Creating vaults and sub-vaults
Another exciting feature with LastPass is to create custom vaults. This is particularly useful for those who use too many online accounts and thus, have too many login credentials.
Of course, it’ll be difficult to sort your desired information from a mix of personal and professional stuff.
Therefore, with LastPass, you can create a custom vault, say, for personal use. There, you can save all your personal notes, personal bank card details, passwords for your personal accounts, and more. All this stuff will remain secure without getting mingled with your work data.
Save lots of personal stuff
While LastPass primarily aims to help you manage your passwords, it actually lets you save a lot of stuff.
In brief, LastPass can be your personal handy digital wallet where you can store all the details that you need frequently.
For example, you can save your login credentials (usernames and passwords) for different accounts. This includes your social media as well as your email accounts. Enabling the option of password auto-fill also saves your time and effort to sort out the relevant account credentials when signing in.
Plus, LastPass also lets you save your credit card details. No need to worry about saving your card details securely. Nor do you have to keep your cards in hand just because you don’t remember your card numbers.
With LastPass, all you have to do is to spare a few minutes just once to enter the details of all your credit/debit cards. Then enjoy a peaceful online shopping experience anytime without worrying about your card security.
Similarly, you can save almost anything that you deem important in your very own LastPass password manager.
Share with others
Although, LastPass is a personal password and data vault. However, realizing that you might, at times, need to share your important details with others, LastPass offers you a dedicated sharing feature.
You can find this setting named “Sharing Center” on the dashboard. Using this option, you can choose which information you can share with others. You can easily invite particular users for it without having to disclose any sensitive details before time.
For instance, if you have shared the login credentials for certain work accounts, you can share that folder with a co-worker to allow easy access to those accounts. In this way, you don’t have to mention your credentials anywhere (such as in an email or a message). Rather, you simply invite the user to LastPass by sending an invite to the user’s email address.
Usually, you don’t have to give long-term sharing access to any other user of your data. However, you might have to do so for a brief period, especially when you trust the other individual for your passwords.
To manage such situations, LastPass offers you an alternate, timed sharing feature – emergency access.
Using this setting, you can not only invite a person to your LastPass account but can also predetermine the waiting period.
You can set this duration anywhere between immediate access to 30-days. For example, choosing “Immediately” allows you to give instant access to the other user the moment the user accepts your invitation. Or, choosing a longer waiting period gives more time to the user to accept your invitation.
Once granted access, your trusted contact can then view all of your password manager details in its own vault.
But this doesn’t mean a permanent breach of your privacy. You can revoke the access at any time.
Security score and alerts
Curious to know how secure your accounts are? LastPass provides you with thorough insights into your account’s security status via a “Security Score.”
You will find this option in the Security Dashboard tab on the sidebar. The Security score gives you the safety status of your account that it analyzes based on different factors.
Specifically, these parameters include the “At-risk passwords” – that is, the vulnerable ones, having active “multifactor authentication” (we’ll explain this shortly), the number of trusted devices where you might use LastPass, and mobile devices.
Alongside displaying the status, this feature also lets you take the necessary action to enhance your security.
For example, as you can see in the screenshot above, our account (that we used for this LastPass password manager review) lacked multifactor authentication. So, the feature alerted us to activate that option.
Certainly, amidst the rising incidents of security breaches, you are lucky if your data hasn’t been sold on the dark web yet. But, the risk of you suffering a privacy breach is always there, particularly for your passwords. That’s why LastPass offers you dark web monitoring.
Precisely, when you save your credentials to the LastPass password manager and turns on this feature, the tool then keeps a check for the potential appearance of your password on the dark web. Upon detecting such an appearance, it alerts you to change your password. Thus, it helps you keep your account secured.
Although, it doesn’t mean that your account for a particular service remains safe even after a cyber attack if LastPass displays no such alerts. A service might suffer a cyber attack, but your password doesn’t appear on the dark web.
That’s why, as a cybersecurity best practice, you should keep changing your passwords frequently, each time setting up unique, never-used-before passwords. You can also use LastPass’s password generator to help you come up with strong passwords.
Wondering where to locate this setting? Well, you will find it right below the ‘Security score’ in the ‘Security Dashboard’ menu. To activate, simply choose the email address(es) that you are concerned about. And LastPass will keep monitoring those credentials for a potential breach.
After going through the features like breach alerts, security score, and dark web monitoring, we were curious to determine if LastPass offers anything more.
And, there, we found another exciting feature – credit monitoring.
Available to the premium users only (free users, sorry, no luck!), “Credit monitoring” is an additional security feature for LastPass users that allows them to keep an eye on their credit reports.
Enabling this feature by filling up your details makes LastPass scan your credit reports for any changes in your information or credit score. For this, LastPass communicates with TransUnion, thereby communicating with all three credit monitoring services to monitor your profile for identity thefts or frauds. Upon detecting a change, the tool generates alerts for you to take the necessary action.
Regarding how it protects this sensitive data of yours, LastPass states in a support article,
In order to enable credit monitoring in your LastPass account, you must create a Credit Monitoring Profile with your first name, last name, full address, Social Security number, phone number, and birth date. The data is securely transferred via SSL to TransUnion® for the LastPass Credit Monitoring service (and to all three credit bureaus for the LastPass Free Credit Monitoring service) to monitor your personal information across thousands of databases; actively seeking evidence of fraud or identity theft on your behalf.
When using this service, you get the alerts via popup notifications from the LastPass browser extension alongside email alerts.
Currently, this facility is only available to US users.
How LastPass ensures security
When you trust a password manager for your passwords and sensitive data, you need to keep it secure. In fact, it should be even more protected than any other account as it holds lots of important information about you.
Thankfully, the LastPass password manager isn’t just a tool loaded with data storage features. Rather it also assures your account security by offering different features implementing security measures to help protect your password manager.
LastPass applies robust encryption technology to protect your accounts.
Precisely, it has built its useful tool having robust AES-256-bit military-grade encryption. This technology encrypts all the data in your vault before it transmits to LastPass servers. The decryption resides within your device only, which lets the app decrypt your vault when you access your account.
Whereas, for the security of your Master Password, LastPass uses one-way salted hashing for the passwords to verify your login attempts.
That means what their servers receive from you is only the encrypted chunks of data. Neither your master password nor your data stored within the vault do LastPass know.
Another noteworthy security feature with LastPass is that it allows users to set up multi-factor authentication quickly.
For this, LastPass offers its own 2FA authentication that includes sending a notification or a one-time code to the phone.
Otherwise, users may also choose their desired authentication method from the variety of options supported by LastPass. These include Google Authenticator, Duo, Microsoft Authenticator, and many more.
All you need is to click on the desired option. LastPass will then guide you on setting up MFA.
Once done, rest assured that your account logins will remain safe from fraudulent attempts.
LastPass keeps track of the locations you use to sign in to your account. Thus, it blocks login attempts from previously unknown locations. Also, it sends an email to the account’s email address asking to verify the login attempt.
That’s how it prevents potential malicious sign-in attempts in the case you suffer a Master Password theft.
But it doesn’t mean that you can’t access your account while traveling. You can authorize the login attempt from the new location via the email you receive.
Once done, LastPass won’t bother you in subsequent login attempts.
But what if I want to change this memory? We hear you ask.
For this, click on the ‘Account Settings’ option on the sidebar of the dashboard. Then, under the “General” settings menu, click on the “Show Advanced Settings” button appearing at the bottom.
Then, scroll down to reach the “Country Restriction” setting. It presents a list of countries from where you can allow LastPass logins.
In the same list, you will see some countries already chosen. These are the ones that you have authorized for sign-in attempts earlier. You can either leave the list as it is, or uncheck the countries that you won’t be signing in to LastPass from.
But what if I’m using a proxy or a VPN, and LastPass blocks me? We hear you ask!
Here again, LastPass ensures the utmost convenience.
Firstly, when using the VPN/proxy, you can simply authorize the sign-in attempt via your email just as you’d do while traveling abroad.
Yet, it’ll be hectic for you to keep authorizing every new location LastPass detects if you are an avid VPN user.
So, you can simply allow sign-in attempts via VPNs.
You can even choose the app to allow/disallow logins from Tor networks, Satellite Providers, and other unknown locations.
One-time password (OTP) login
For password managers, your Master Password serves as the key to the treasure trove of your data. Therefore, as we explained above, you need to keep it really safe.
Perhaps, you can set up a strong and unique Master Password to keep your password vault safe.
But what if someone still guesses your Master Password via hacking attacks like keylogging? What if you have to sign in to your password manager from a public computer or use a potentially infected PC?
To let you experience a secure sign-in to your account without risking your Master Pass, LastPass offers temporary logins via OTP (one-time-password.
Using this feature, you can get an OTP to sign in to your account using the OTP in place of your Master Password. Once you sign in, it’ll be expired, and no one tracking your OTP would be able to break into your account.
To use this feature, go to the LastPass login page and click on “Advanced options.” You will then see the OPT login option “Log in using One Time Password.” Clicking on it will take you to another login page, where you will have to enter your registered email address and the OTP.
You can generate numerous OTPs in advance when sign-in from a trusted device. When logged in, visit the OTP settings from your LastPass app via Advanced Options > Manage one-time passwords. You will see the following screen, where clicking on “Generate a one-time password” will display an OTP for you.
Note the OTPs somewhere and keep them with you on the go.
Whenever you need to sign in to your LastPass account in unsafe circumstances, simply use one of the OTPs. At your end, remove or delete it from your list of OTPs so that you won’t use it again erroneously.
Now that you know much about the prominent LastPass features, let’s begin with a more detailed view of it in this honest review of LastPass.
How do I recover my LastPass password?
Being your digital treasure vault, LastPass protects all your accounts by managing the security of passwords with ease. However, you still need to protect the master key – the Master Password – to secure your LastPass account itself.
Although, LastPass helps you in that by offering 2FA, OTP, and other security measures.
But what if you just forget your Master Password and are locked out of your account?
Don’t worry because LastPass offers a very safe account recovery feature.
Specifically, LastPass, like every other platform supporting user accounts, offers a “Forgot Password?” option to the users. Using this feature, you can reset your Master Password easily if you can’t recall what it is or are somehow locked out of your account.
To proceed with recovery, you can use your mobile phone, SMS, email, or even your OTP. Here’s how to do that.
Recovery via email
When you click on the “Forgot Password?” option appearing on the sign-in page, LastPass first offers a “HINT” feature to help you recall your Master Password. You can set up this hint earlier via your Account Settings or when updating your Master Password at any time. This feature is handy for those who can’t recall their Master Password. Yet, if the hint doesn’t help you, you can proceed to get the instructions for recovering your account via email by clicking the “Account Recovery” option.
Recovery via SMS
If you have connected your LastPass account to your mobile number, you can also opt for receiving a code for recovering your account via SMS.
Recovery via mobile phone authentication
If you are not comfortable receiving codes or emails for recovering your account, you can also opt for ID verification. If you haven’t previously used the LastPass app on your mobile, you can proceed to download it, where it will ask for biometric verification right after installation. Here, you can set up your fingerprint or face scan for verification. Then, to recover your account, simply confirm your identity via Touch ID or Face ID on your LastPass mobile (iOS or Android) app.
Recovery via OTP
The useful one-time password feature will also help you access your account whenever you forget your Master Password. You can also use the OTPs that LastPass creates whenever you log in to your account from the browser extension.
Recovery via old Master Password
Another way to recover your LastPass account is to use your old Master Password. This option is handy if you have just changed your Master Password and can’t recall the new one. However, using this feature has some limitations. At first, you must have made the change within the past 30 days. Secondly, using your old Master Password restores your account from a previous state when you actually had that setup as your Master Password. Therefore, when recovering this way, you will likely lose any recent changes/updates made to your account after changing your Master Password.
If none of these options work for you, the last resort that we won’t recommend is resetting your account.
While this will let you gain access to your account, you actually risk all of your data stored in the account. What you regain is mere account access with some unchanged settings only. You can’t recover your data lost this way.
Does LastPass work on all devices?
An ideal password manager is the one that accompanies you everywhere. LastPass has got you covered here too.
Precisely, the service offers support for almost all major devices that you would use to sign in to your online accounts. These include,
- Computers: dedicated app for Windows, macOS, and Linux, along with a native web app.
- Mobile devices: dedicated apps for iOS and Android devices (smartphones, tablets, smartwatches) on the Apple App Store and Google Play Store respectively.
- Browsers: Google Chrome, Mozilla Firefox, Microsoft Edge, Opera, Safari.
Besides, LastPass also offers unlimited device support.
You can use LastPass as either an app or a browser extension on as many devices as you want. In this way, you will never face trouble managing your passwords regardless of where you go.
While this is true for LastPass paid users, for free users, there’s a catch.
Earlier, LastPass used to offer support for unlimited devices, even to free users.
However, as of March 2021, LastPass has changed this policy, thus limiting the free users to one device type only. That is, the kind of device you use your LastPass account on – either a computer or a phone.
This change doesn’t cap the number of devices you can use LastPass on. Instead, it simply specifies the device type. Depending upon the type of devices you use more, you can choose either of these types to use LastPass.
Although, it might be annoying for the old LastPass free users who previously enjoyed limitless device support.
Nonetheless, compared with most other top password managers of today, LastPass beats them all regarding device support.
For instance, in the case of NordPass, you only get one active session on a single device at a time as a free user. Whereas, with LastPass, there’s no such restriction.
At PrivacySavvy, we always deem customer support as an important parameter while reviewing any software or tool. Therefore, for this LastPass review, we assessed the tool’s usefulness for its support for customers.
Basically, LastPass offers numerous means through which a user can reach out to them. However, they do have a somewhat biased attitude towards the free users.
As their support article states, LastPass offers no direct support to the free users. So all they are left with is the service’s ‘Support Center’ that includes helpful articles.
Albeit, this resource does include answers to most of the queries a free user might have. From the basic setup guides to troubleshooting and information resource, LastPass has included many helpful articles there.
Besides, free users can also seek help from the LastPass Community.
Whereas the premium users enjoy all of this together with 24/7 email support too.
Though, they can’t seek help via phone. This facility is typically available to premium business users only.
During our testing, we found their Support Center very helpful. Whatever information we wanted to know was available there. We also noticed a chatbot that helped us reach the right articles.
Though, we really missed 24/7 chat support. Perhaps, they should at least offer this facility to premium users. Perhaps, this might also encourage many free users to upgrade their subscriptions as well.
Setting up the LastPass password manager
Now that you know pretty much about LastPass, let’s move on to learn how you can use this password manager. To develop this up-to-date LastPass review for you, we created a new account that helped us find out how LastPass works in 2021.
Certainly, the overall setup is pretty simple. You can simply head to their website and click on the “Get LastPass Free” button. This will guide you through LastPass’s free download.
Alternatively, you can choose a paid subscription plan to start with. As a regular user, you can choose the ‘Premium’ plan for personal use, or you can go for the ‘Families’ plan to buy a subscription for your family users as well.
Whereas customers from the corporate sector can simply check out the business plans to find the one that best suits them.
To create an account, all you need is to follow the instructions and keep providing the information as asked. Don’t worry about your data, as it just requires an email address from you to begin with. At the same time, you can set up a Master Password for all future uses. LastPass will guide you about the password strength right then.
Once done, you will now have to log in to the LastPass web app to reach your dashboard.
Or, you can also download the relevant LastPass app or browser extension on your device to start using it.
How to use LastPass password manager
Wondering how to begin securing your passwords with LastPass? Here is a quick guide for you.
Though these steps basically guide you through the web app, they generally apply to all LastPass apps.
After signing in to your account, you will see the main dashboard. It initially appears empty as it doesn’t have any information stored yet.
The black sidebar encloses the main options to save and manage your data in the password manager.
Here, you can click on a specific option, for instance, ‘Passwords,’ to start saving your passwords. Or, you can click on the plus icon for the ‘Add item’ menu to explore more options.
After adding your details, you will find the stored information on the main dashboard. (It’ll no longer remain empty.)
Once done, scroll down the sidebar to find the ‘Advanced Option’ tab. Here, you will find the basic features to manage your data. For example, you can ‘Import’ or ‘Export’ passwords, add profiles (or ‘Identities’) to segregate personal and work stuff, save your favorite websites, or take a look at how you have used your password manager.
Also, towards the bottom, you will find some important security options, including ‘Credit monitoring.’
Under the “Account Settings” tab, you will find all the options to manage your Master Password, account recovery options, MFA, and customization of LastPass behavior for different URLs.
You can also set up your password manager on your mobile phone by downloading the relevant app from the app store. Once done, you can then enter your email address and Master Password to access the password manager.
However, before doing that, subscribe to a premium pricing plan. Otherwise, you will be bound to use LastPass either on your mobile phone or your PCs – not both.
Can I use the LastPass password manager for free?
Of course, yes!
LastPass has always been one of those best password managers that offer a free subscription plan as well.
Recently, though, these guys did some updates that have made the free version less worthy than the paid plans.
For instance, they previously had no distinction between the free and paid users regarding customer support. But, since May 17, 2021, they ended 24/7 email support for free users, leaving them with the community forum and support articles only.
Whereas, even before doing that, they restricted the free users to use LastPass either on PCs or mobile devices.
Still, the LastPass free download plan is worth trying for regular users as it still offers all the basic features you need.
For instance, you can still use the password manager on unlimited devices of the same type. Plus, you can store all of your sensitive details in your password vault, enjoy one-to-one sharing, and more.
As for the features NOT available to you for free, these include,
- Unrestricted device type
- One-to-many sharing
- File storage (1GB)
- Security score
- Dark web monitoring
- Credit monitoring
- Emergency access
- MFA via Yubikey and biometric scan
- Customer support
This is where the Premium subscription plan wins over the free plan. By paying a few bucks per month, you get all the basic features offered to free users alongside the fancy security features. Also, with a free plan, you only get basic support meaning you can access their support articles and community; however, for 24/7 email support, you’ll need to upgrade.
LastPass subscription and payments
As we just explained, LastPass does offer a useful free subscription plan without any premium security feature.
Nonetheless, it doesn’t mean that LastPass will cost you a fortune for these features. Instead, they have developed very affordable subscription plans for individual users, families, and corporate customers.
LastPass premium and families plan – For regular users
The LastPass Premium subscription plan costs only $3/month. So, if you’re a privacy geek, you can certainly go for the Premium version for individual use.
Whereas, if you need the same level of security and convenience for your family as well, then try the LastPass Families plan. With just $4/month, you can provide the same level of security, jazzed up with unlimited sharing, a separate vault for every user, a dedicated Family dashboard, and one-to-many sharing to as many as 6 different users.
Though, this plan isn’t suitable for large families. Perhaps, you may try 1Password if you need a family plan supporting more users.
And, if you’re wondering whether it will be worth paying, then create a free account and enjoy a 30-day free trial of the Premium version. Whereas, for trying the Families plan for 30-days, sign-up via the trial option offered with the plan.
LastPass doesn’t require you to enter your card details or any other payment method. Nor it demands upfront payments. Just sign-up and see what worthy features you would lose after the 30-day trial period ends. You will surely prefer buying it.
LastPass business plans – For corporate users
LastPass isn’t just a password manager for regular users. Instead, it also offers advanced security features for enterprise customers too.
Precisely, they offer four different subscription plans for business users. Depending upon the requirements and team size, companies can choose a specific plan without worrying about money since LastPass offers a 14-day free trial with all plans.
Is LastPass safe to use?
As you have reached this point, you might be thinking of LastPass as a secure, robust, and vigilant privacy tool. However, since we strive to come up with an unbiased review of LastPass, we want you to know about the cybersecurity issues that the service has suffered in the past.
Though, these incidents didn’t severely impact the performance and security of LastPass. Nonetheless, they highlighted that cybersecurity is an area on which LastPass needs to focus more.
2015 data breach
LastPass first made it to the news back in 2015 when the company admitted to having suffered a data breach.
At that time, the firm disclosed that the hackers could break into their network and strived to gain access to the database. However, since LastPass hadn’t stored users’ passwords in unencrypted form, they assured users about the safety of their data.
Though, they admitted that the multiple hashing procedures made deciphering the encrypted master passwords “extremely difficult.” (Note that they didn’t say “impossible” because the hacker did gain access to encrypted passwords and could thus try to decrypt them theoretically.)
However, they confirmed that the hackers didn’t access the encrypted user tokens, and so, users’ data stored within their accounts remain safe.
Following this incident, the company also jazzed up its security structure to prevent such incidents.
Although, after that, LastPass didn’t apparently suffer a cyber attack. However, researchers could still highlight bugs in their apps that could expose users’ data. This happened at least twice in 2016 (January and July). Fortunately, the bugs received a fix before a bad actor could exploit them.
Realizing the potential of the cybersecurity community to help improve the security, LastPass even started a dedicated bug bounty program. Nonetheless, they still lagged behind in enhancing their security as the researchers kept pointing out more bugs in the subsequent years.
Thankfully, all of those reports got attention from LastPass before someone could exploit them. So, the users remained safe.
Trackers in Android app
Recently, LastPass faced backlash as its Android app exhibited weird behavior. In March 2021, right after LastPass made changes to its free version, a researcher noticed seven different trackers in the LastPass Android app.
While the researcher found them actively running, LastPass, in a statement, assured no sharing of data to any trackers. Ironically, despite the presence, LastPass admitted to not knowing what these trackers do. That’s where things got weird. Nonetheless, LastPass explained that users could opt out of any analytics via the privacy settings.
Should I use LastPass?
Although, LastPass has a demonstrated history of cybersecurity issues. Nonetheless, these things don’t diminish the importance of this tool.
Mainly, considering how the tool has remained safe from any further breaches since 2015, LastPass appears a safe option to store your passwords.
Besides, even you use any other password manager, you never remain safe from such threats.
In March 2020, researchers from the University of York presented a detailed white paper on how multiple vulnerabilities crippled the best password managers of today.
So, it’s somewhat acceptable for any tool, including a password manager, to develop bugs until they proactively detect and fix them. (Obviously, being PrivacySavvy, we can never support a tool that deliberately ignores users’ data security.)
Moreover, the biggest plus with LastPass is the bunch of features that greatly help you monitor your data privacy. Plus, the underlying encryption technology, together with device sync, also makes this tool much useful.
Thus, instead of risking your passwords by saving them to your browsers or setting up easy-to-break passwords just because you can’t remember the difficult ones, you should better use LastPass and save yourself from the more common cyber threats.
You can even use an alternative service if you aren’t comfortable with LastPass. But make sure that you at least use a password manager instead of using nothing like that at all.
Troubleshooting common LastPass issues
Although, LastPass is a generally easy-to-use tool with little to no glitches. Nonetheless, just like any other technology product, LastPass may also develop glitches.
So, here we quickly list the most common issues you may experience when using LastPass.
The browser extension isn’t working
If your browser extension or LastPass Chrome extension stops working, here’s how you can troubleshoot.
- Check for updates: Frequently, your browser extension develops glitches when it remains un-updated. So, make sure that you have the latest extension version running on your browser.
- Reinstall browser extension: If your extension is up-to-date and you still face trouble using it, simply uninstall it. Then head on to the LastPass website and re-install it. It should now work fine after you sign in to your account.
- Check if the extension is disabled: After browser updates or other settings, your browser extension may likely get disabled. So, make sure that you have your LastPass extension enabled among all other add-ons.
- Adjust add-on visibility: If you are simply unable to find the extension icon prominent in the toolbar, it may have got hidden. But you can fix it easily by customizing your toolbar.
Auto-fill feature stops working
Auto-fill is an excellent option that LastPass offers to save your time. Whether it’s about automatically entering your passwords during logins or about filling up your billing details on an e-commerce website during check-out, auto-fill helps you everywhere.
However, if this feature stops working, you will have to bear with all the efforts of typing your data yourself.
But, don’t worry, here’s how you can resolve this issue.
- Go to your password manager settings and ensure that you have enabled auto-fill for all those websites on which the extension isn’t working. If the settings are fine, double-check them via your browser extension ‘Preferences’ as well.
- To adjust your ‘Preferences’ setting, log in to your LastPass browser extension.
- Go to ‘Account Options,’ then ‘Extension Preferences.’
- Look for ‘Automatically Fill Login Information,’ enable it, and click on ‘Save.’
Apart from these issues, you may also face problems setting up two-factor authentication, managing vaults, generating OTP, or importing passwords. Often, clearing the browser or app cache will resolve the issue.
Yet, if you still face trouble, then feel free to reach out to the LastPass support. You can send them an
Verdict: Is LastPass worth paying?
LastPass has reigned the realm of password managers for quite some time. It gained popularity among users for its lucrative free version.
Unfortunately, LastPass has recently made some significant changes to its policies and services offered to the free users. Specifically, they have pulled off some major features such as email support and implemented device-type limitations that have ruined the LastPass free version.
Nonetheless, LastPass surpasses many other password managers due to the premium features it offers for very affordable costs. Also, though you can’t have them for free, LastPass is worth using as a free password manager tool, given its range of basic security options.
Here is a quick summary of everything explained in this review, as LastPass pros and cons.
- A completely free version for users
- Easy-to-use interface
- Can store different types of information in addition to passwords, like bank details, credit cards, and more
- Effective auto-fill feature that works for all saved information types
- Offers continuous dark web monitoring, breach alerts, and credit monitoring
- Diversified device supportProvides support for 6 users under the Families plan
- Multiple account recovery options
- Free trial for 30-days (no credit card required)
- Lacks customer support via live chat
- Free version has some limitations
- Trackers found in the Android app
- Has a history of cybersecurity issues
We now reach the end of this LastPass review.
As you can see, LastPass is a decent password manager that sets you free from the burden of remembering and managing passwords. Furthermore, since you can save lots of other personal stuff in this password vault, LastPass is a useful resource for anyone looking for something to handle their data securely.
Although, LastPass has some problem areas concerning its performance, such as a limited free version and a history marred with data breaches. Yet, given how the service improvised itself and the bunch of unique features coupled with affordable subscription fees, LastPass becomes worth a try.
If you ask us in short whether we recommend this password manager or not, then the answer is yes, we do! LastPass falls nothing short of becoming one of our recommended password managers. Especially for users who are hesitant to pay for such a utility, LastPass is the right choice.