A Comprehensive 2024 LastPass Review

Abeerah Hashim  - Security Expert
Last updated: January 1, 2024
Read time: 43 minutes
Facts checked by Abeerah Hashim

Is LastPass safe to use even after the data breach? How does LastPass protect my passwords? Find answers to all your queries in this LastPass review.

When it comes to choosing a password manager, you need to be extra careful. That’s because you’re going to trust it for the most critical digital asset – your password. That’s why you should do a thorough background check for the utility’s security, credibility, and resilience.

However, some brands have withstood the test of time. One such brand is the LastPass password manager.

But didn’t it make it to the news for some security issues? We hear you ask!

Well, LastPass is one such tool with an impressive service and a shaky cybersecurity history. So, you might have to learn about it in detail before opting for it.

To help you with that, we have come up with this extensive LastPass review. So read along to find out more about LastPass as we touch every bit of its good and bad.

LastPass password manager overview

LastPass is quite an old player among the password managers. It started back in 2008 as a standalone password manager. Later, in 2015, the software firm LogMeIn, Inc acquired LastPass not before the latter took over the Xmarks browser extension for syncing passwords. This move already hinted at how LastPass rules the realm of passwords in the coming years.

Following its acquisition by LogMeIn, the firm launched its two-factor authenticator in 2016. Thus, strengthening its position further as an inclusive login tool.

Although, later, in 2018, LastPass had to shut down Xmarks owing to its similarity of services with LastPass.

Nonetheless, the rise of LastPass popularity among the users clearly proved it a wise decision by LogMeIn.

And now, they have a single yet dominant password management product that offers every feature of or relating to passwords.

Today, LastPass doesn’t only serve as a tool to store passwords. Instead, it functions as a personal assistant to the users regarding the secure storage and ready accessibility of their sensitive data on the go.

Currently, LastPass is available as an app for PCs and mobile devices and a browser extension. This diversified availability lets you quickly sign in to your accounts through any devices you own or can access.

With LastPass, you neither have to worry about remembering loads of passwords. Nor do you have to worry about saving your important stuff other than passwords, such as your credit card details, as LastPass will also take care of that.

Curious to know more? Let’s delve into the features in detail through this honest review of LastPass.

LastPass pros and cons

  • A completely free version for users
  • Easy-to-use interface
  • Can store different types of information in addition to passwords, like bank details, credit cards, and more
  • An effective auto-fill feature that works for all saved information types
  • Offers continuous dark web monitoring, breach alerts, and credit monitoring
  • Diversified device support provides support for 6 users under the Families plan
  • Multiple account recovery options
  • Free trial for 30-days (no credit card required)
  • Lacks customer support via live chat
  • Free version has some limitations
  • Trackers found in the Android app
  • Has a history of cybersecurity issues

LastPass key features

When it comes to features, LastPass offers much more than what you expect from a typical password tool. Aside from password generation and storage, it allows you to use the tool as the go-to wallet for your sensitive data. That, too, with thorough privacy and security.

In this LastPass extensive review, we have described every detail of the app features to help you understand the tool.

User-friendly interface

The most attractive feature of LastPass is its catchy interface. From their website to the app, they have taken care of making the interface appealing and easy to use, even for a non-techie user.

We really liked the LastPass layout, by the way. With a catchy color scheme of red and black, LastPass bears an intuitive and user-friendly interface across all of its apps.

After visiting their website, you can easily find the “Get LastPass Free” button to start registering yourself on the platform. Besides, you can also find easy options to learn about how this tool works to serve you.

LastPass user expereince

Likewise, after downloading the app, you will be welcomed by a virtual guide tool to help you start navigation. Even if you skip the tour, you can still find all the options conveniently located in the sidebar.

Import/export passwords

To begin with, LastPass comes with an inclusive password management feature. Here, you can not only save and store new passwords but can also save past ones.

For this, the tool allows you to ‘Import’ the passwords from any other password manager. You can also import passwords saved in your browser to LastPass.

Import option

While LastPass supports most password managers to import files from, in case you don’t find yours in the list, you can export a CSV file of passwords from your password manager and upload it to LastPass.

Besides importing, you can also ‘Export’ your passwords to other places from LastPass.

Quick password auto-fill and auto-logins

What’s the use of using a password manager if you have to type in complex passwords anyway?

Well, LastPass saves you from this hassle by providing you with a swift automatic form-filling option.

Using this feature, you let the password manager fill up forms on your behalf with the relevant information, including your passwords, bank/card details, or addresses.

Want to have a more convenient sign-in process? Simply enable the auto-login feature of LastPass when saving your password. The tool will then automatically sign you into the allowed websites whenever you visit them.

Autofill and autologin

Disable LastPass on some sites

Although, automatic login is a convenient feature to save time in waiting for logins. However, you might want to change your decision sometime later.

In such a case, no need to do anything with your account password. Instead, simply stop the LastPass tool from a specific function(s) on certain websites.

Disable lastpass

Besides, you can also check the “Disable auto-login” option when storing a password for the first time in your vault.

Password generation

Password generation

LastPass comes with an impressive password generator that saves you from the hassle of creating strong passwords.

Of course, remembering complex gibberish to create strong passwords is not easy. However, since LastPass allows you to store your passwords, you don’t have to worry about memorizing some random meaningless characters.

With their password generator, you can create passwords up to 99 characters long. You can also decide whether your password should have uppercase letters, lowercase letters, numbers, symbols, or a combination of two or more of these. You can even choose all four of these elements to create the strongest passwords.

After deciding the parameters, the tool will generate a random password. You can then copy and paste it to the website; you need a password.

Username generator tool

Like your passwords, your usernames also play an important role in securing your accounts. If you have set up strong usernames, any hackers attempting to brute force won’t even get the chance to reach your passwords, as your usernames would cause a hurdle.

But what else should you use instead of your real names as your usernames?

LastPass has got you covered with a fantastic username generator tool.

Using this tool, you can get some strong usernames, just as LastPass suggests passwords. When needed, you can use this username generator to pick a random username with your desired alphanumeric combination. After that, copy the suggested username and paste it into the site you need to set up a username for.

LP username generator

Although, you won’t find this option in the LastPass app since the service offers it as an online tool on their website.

Nonetheless, this easy availability also makes this feature usable (and valuable) even for non-users.

Creating vaults and sub-vaults

Another exciting feature of LastPass is to create custom vaults. This is particularly useful for those who use too many online accounts and, thus, have too many login credentials.

Of course, it’ll be difficult to sort your desired information from a mix of personal and professional stuff.

Therefore, with LastPass, you can create a custom vault for personal use. There, you can save all your personal notes, personal bank card details, passwords for your personal accounts, and more. All this stuff will remain secure without getting mingled with your work data.

Save lots of personal stuff

While LastPass primarily aims to help you manage your passwords, it actually lets you save a lot of stuff.

In brief, LastPass can be your handy digital wallet where you can store all the details you need frequently.

Lastpass store everything

For example, you can save your login credentials (usernames and passwords) for different accounts. This includes your social media as well as your email accounts. Enabling the option of password auto-fill also saves you time and effort in sorting out the relevant account credentials when signing in.

Plus, LastPass also lets you save your credit card details. No need to worry about saving your card details securely. Nor do you have to keep your cards in hand just because you don’t remember your card numbers.

With LastPass, you only have to spare a few minutes just once to enter the details of all your credit/debit cards. Then enjoy a peaceful online shopping experience anytime without worrying about your card security.

Similarly, you can save almost anything you deem important in your LastPass password manager.

Share with others

Although LastPass is a personal password and data vault. However, realizing that you might sometimes need to share your important details with others, LastPass offers you a dedicated sharing feature.

You can find this setting named “Sharing Center” on the dashboard. Using this option, you can choose which information you can share with others. You can easily invite particular users for it without having to disclose any sensitive details before time.

LastPass Sharing

For instance, if you have shared the login credentials for certain work accounts, you can share that folder with a co-worker to allow easy access. In this way, you don’t have to mention your credentials anywhere (such as in an email or a message). Rather, you simply invite the user to LastPass by sending an invite to the user’s email address.

Emergency access

Usually, you don’t have to give long-term sharing access to any other data user. However, you might have to do so briefly, especially when you trust the other individual for your passwords.

To manage such situations, LastPass offers you an alternate, timed sharing feature – emergency access.

LP emergency access

Using this setting, you can not only invite a person to your LastPass account but can also predetermine the waiting period.

You can set this duration anywhere between immediate access to 30 days. For example, choosing “Immediately” allows instant access to the other user when the user accepts your invitation. Or, choosing a longer waiting period gives you more time for the user to accept your invitation.

Once granted access, your trusted contact can view your password manager details in its own vault.

But this doesn’t mean a permanent breach of your privacy. You can revoke the access at any time.

Security score and alerts

Curious to know how secure your accounts are? LastPass provides thorough insights into your account’s security status via a “Security Score.”

LastPass security score

You will find this option in the Security Dashboard tab on the sidebar. The Security score gives you the safety status of your account that it analyzes based on different factors.

Specifically, these parameters include the “At-risk passwords” – that is, the vulnerable ones, having active “multifactor authentication” (we’ll explain this shortly), the number of trusted devices where you might use LastPass, and mobile devices.

Alongside displaying the status, this feature also lets you take the necessary action to enhance your security.

For example, as you can see in the screenshot above, our account (that we used for this LastPass password manager review) lacked multifactor authentication. So, the feature alerted us to activate that option.

Dark-web monitoring

Certainly, amidst the rising incidents of security breaches, you are lucky if your data hasn’t been sold on the dark web yet. But, the risk of you suffering a privacy breach is always there, particularly for your passwords. That’s why LastPass offers you dark web monitoring.

LastPass dark web monitering

Precisely, when you save your credentials to the LastPass password manager and turn on this feature, the tool then keeps a check for the potential appearance of your password on the dark web. Upon detecting such an appearance, it alerts you to change your password. Thus, it helps you keep your account secured.

Although, it doesn’t mean that your account for a particular service remains safe even after a cyber attack if LastPass displays no such alerts. A service might suffer a cyber attack, but your password doesn’t appear on the dark web.

That’s why, as a cybersecurity best practice, you should keep changing your passwords frequently, each time setting up unique, never-used-before passwords. You can also use LastPass’s password generator to help you come up with strong passwords.

Wondering where to locate this setting? You will find it right below the ‘Security score’ in the ‘Security Dashboard’ menu. To activate, simply choose the email address(es) that you are concerned about. And LastPass will keep monitoring those credentials for a potential breach.

Credit monitoring

After going through the features like breach alerts, security score, and dark web monitoring, we were curious to determine if LastPass offers anything more.

And there, we found another exciting feature – credit monitoring.

LP credit monitoring

Available to premium users only (free users, sorry, no luck!), “Credit monitoring” is an additional security feature for LastPass users that allows them to monitor their credit reports.

Enabling this feature by filling up your details makes LastPass scan your credit reports for any changes in your information or credit score. For this, LastPass communicates with TransUnion, thereby communicating with all three credit monitoring services to monitor your profile for identity thefts or fraud. Upon detecting a change, the tool generates alerts for you to take the necessary action.

Regarding how it protects this sensitive data of yours, LastPass states in a support article,

In order to enable credit monitoring in your LastPass account, you must create a Credit Monitoring Profile with your first name, last name, full address, Social Security number, phone number, and birth date. The data is securely transferred via SSL to TransUnion® for the LastPass Credit Monitoring service (and to all three credit bureaus for the LastPass Free Credit Monitoring service) to monitor your personal information across thousands of databases; actively seeking evidence of fraud or identity theft on your behalf.

When using this service, you get the alerts via popup notifications from the LastPass browser extension alongside email alerts.

Currently, this facility is only available to US users.

LastPass security challenge

One of the most appealing aspects of using a password vault and a password manager is the convenience of storing all your passwords in one place. This centralized approach also offers the advantage of being able to assess the security of each password. You can manually review them one by one, or you can take advantage of the LastPass security challenge.

It is a user-friendly analytical tool designed to assess the complexity of all your stored passwords. LastPass security challenge thoroughly examines your passwords and highlights any potential weaknesses. This is particularly helpful if you’re reusing passwords or using ones with low uniqueness, which are indicated in red with low-security challenge scores. 

The great thing is that the security challenge not only evaluates your regular passwords but also assesses the complexity of your master password. This tool will enable you to strengthen the passwords you use for other accounts and ensure that your master password is robust, enhancing overall account protection.

Additional features

On top of the features discussed above, LastPass has other extra features:

Country restriction feature 

By default, access to your login is available from any country worldwide. However, this feature enables you to select the countries from which you can access your LastPass vault. As a result, you’ll thwart attempts by hackers from foreign countries.

When traveling to another country, it’s crucial to remember to update your country restriction settings; otherwise, you won’t be able to access your vault while abroad. 

Additionally, if you frequently use a VPN, you must ensure that the countries with server locations you connect to are permitted access to your vault. 

Credit monitoring 

LastPass extends its services by offering credit monitoring to all its US users. It keeps a close watch on your credit reports and promptly notifies you of any changes that might signal a potential compromise of your identity. While credit monitoring comes with all the paid plans, you can upgrade to the premium version, granting you even more comprehensive coverage, including assistance in resolving credit score-related issues. Although we appreciate this inclusion, we prefer the identity theft protection provided by antivirus companies such as Norton. 

Passwordless options

The passwordless options tool presents a convenient way to access your vault without the need to enter your master password. Instead, you can rely on the LastPass Authenticator, making access as simple as a single click. 

Furthermore, LastPass is working on introducing the option to use desktop biometrics and security keys for passwordless login, adding even more convenience. 

Never URLs

The Never URLs feature is particularly beneficial when you prefer not to use LastPass for certain websites. When adding a URL, LastPass allows you to specify what type of Never URL you want, including Fill Forms, Generate Password, Never Add Site, Auto Login, and more. This proves useful when you share your device with others and want to prevent them from having one-click access to your accounts. 

Equivalent domains 

The Equivalent Domains tool offers added convenience for advanced users by enabling the same login for companies that utilize the same login service. For example, you can set this up for websites like Disney.com and Disneyplus.com. While LastPass provides a list of global equivalent domains, you also have the flexibility to enter your own equivalents as needed manually.

How LastPass ensures security

LastPass goes above and beyond to safeguard your data by employing multiple layers of protection. One key feature is its zero-knowledge security architecture, meaning only you can access your master password and vault data

Notably, LastPass implements advanced hashing algorithms to encrypt your passwords locally, bolstering data security further. We were impressed to find that LastPass offers various layers of protection, including support for two-factor authentication, hardware security keys, and multi-factor authentication

The backbone of its security lies in the industry-standard AES 256-bit encryption, renowned for its near-impenetrable nature, making it extremely challenging for hackers to crack and safeguard your data. While LastPass experienced a security incident in 2015, it demonstrated the resilience of its zero-knowledge security architecture. Though some aspects were compromised, such as server per-user salts, emails, password reminders, and authentication hashes, no raw passwords or vault data were exposed

Encryption technology

LastPass applies robust encryption technology to protect your accounts.

Precisely, it has built its useful tool having robust AES-256-bit military-grade encryption. This technology encrypts all the data in your vault before it transmits to LastPass servers. The decryption resides within your device only, which lets the app decrypt your vault when you access your account.

Whereas, for the security of your Master Password, LastPass uses one-way salted hashing for the passwords to verify your login attempts.

That means what their servers receive from you is only the encrypted chunks of data. Neither your master password nor your data stored within the vault do LastPass know.

Multi-factor authentication

Another noteworthy security feature of LastPass is allowing users to set up multi-factor authentication quickly.

LastPass MFA

For this, LastPass offers its own 2FA authentication that includes sending a notification or a one-time code to the phone.

Otherwise, users may also choose their desired authentication method from the variety of options supported by LastPass. These include Google Authenticator, Duo, Microsoft Authenticator, and many more.

All you need is to click on the desired option. LastPass will then guide you on setting up MFA.

Once done, rest assured that your account logins will remain safe from fraudulent attempts.

Location detection

LastPass keeps track of the locations you use to sign in to your account. Thus, it blocks login attempts from previously unknown locations. Also, it sends an email to the account’s address asking to verify the login attempt.

That’s how it prevents potential malicious sign-in attempts in the case you suffer a Master Password theft.

But it doesn’t mean that you can’t access your account while traveling. You can authorize the login attempt from the new location via the email you receive.

Once done, LastPass won’t bother you in subsequent login attempts.

But what if I want to change this memory? We hear you ask.

For this, click on the ‘Account Settings’ option on the dashboard’s sidebar. Then, under the “General” settings menu, click on the “Show Advanced Settings” button appearing at the bottom.

Then, scroll down to reach the “Country Restriction” setting. It presents a list of countries from where you can allow LastPass logins.

LP device and country

In the same list, you will see some countries already chosen. These are the ones that you have authorized for sign-in attempts earlier. You can either leave the list as it is, or uncheck the countries that you won’t be signing in to LastPass from.

But what if I’m using a proxy or a VPN, and LastPass blocks me? We hear you ask!

Here again, LastPass ensures the utmost convenience.

Firstly, when using the VPN/proxy, you can simply authorize the sign-in attempt via your email just as you’d do while traveling abroad.

Yet, it’ll be hectic for you to keep authorizing every new location LastPass detects if you are an avid VPN user.

So, you can simply allow sign-in attempts via VPNs.

LP location 2

You can even choose the app to allow/disallow logins from Tor networks, Satellite Providers, and other unknown locations.

One-time password (OTP) login

For password managers, your Master Password serves as the key to the treasure trove of your data. Therefore, as we explained above, you need to keep it really safe.

Perhaps, you can set up a strong and unique Master Password to keep your password vault safe.

But what if someone still guesses your Master Password via hacking attacks like keylogging? What if you have to sign in to your password manager from a public computer or use a potentially infected PC?

To let you experience a secure sign-in to your account without risking your Master Pass, LastPass offers temporary logins via OTP (one-time-password.

Using this feature, you can get an OTP to sign in to your account using the OTP in place of your Master Password. Once you sign in, it’ll be expired, and no one tracking your OTP would be able to break into your account.


To use this feature, go to the LastPass login page and click on “Advanced options.” You will then see the OPT login option “Log in using One Time Password.” Clicking on it will take you to another login page, where you will have to enter your registered email address and the OTP.

You can generate numerous OTPs in advance when sign-in from a trusted device. When logged in, visit the OTP settings from your LastPass app via Advanced Options > Manage one-time passwords. You will see the following screen, where clicking on “Generate a one-time password” will display an OTP for you.

LP OTP screenshot 2

Note the OTPs somewhere and keep them with you on the go.

Whenever you need to sign in to your LastPass account in unsafe circumstances, simply use one of the OTPs. At your end, remove or delete it from your list of OTPs so that you won’t use it again erroneously.

Now that you know much about the prominent LastPass features, let’s begin with a more detailed view of it in this honest review of LastPass.

Private Master Password and PBKDF2

Creating a new LastPass account involves selecting a strong master password, which functions like a regular password but is never stored on any password database and is known only to you. End-to-end encryption ensures that an encryption key is generated locally on your device, granting access to your vault securely.

LastPass enhances the protective measures through PBKDF2-SHA256, an essential derivation function that encrypts your master password 100,000 times. This strategic approach renders any brute force attack attempts by hackers virtually impossible, as the decryption of your master password becomes an incredibly challenging task.

Is LastPass Trustworthy? 

LastPass has faced some challenges in safeguarding user data, unfortunately sharing information with third parties and experiencing unauthorized access to private data last year. The sensitive nature of the data shared with a password manager necessitates complete trust in how it handles your private information. In our LastPass review, we focused on the following aspects: 

  • LastPass refrains from collecting unnecessary data.
  • It shares data with third parties. 
  • In 2022, LastPass encountered difficulties preventing unauthorized access to private data.

Given these considerations, we couldn’t rate LastPass higher than 5.0/10. 

Privacy policy 

On the bright side, LastPass implements a zero-knowledge policy, ensuring only you can access the data within your own vault. Your passwords, credit card details, and notes remain secure unless someone gains direct access to your master password. You can also use your LastPass vault to store sensitive documents like your driver’s license, passport, health insurance, or social service number. You need to provide certain information when creating an account and using LastPass’s password management features.

Here’s an overview of the data LastPass collected from us: 

  • Account information: Name and email to create a personal vault. 
  • Payment details: For customer service requirements and tax purposes.
  • Usage data: This includes sessions, device type, operating system, diagnostic data, crash data, and bug information. 
  • Location and IP address: LastPass explained that it uses this information to prevent fraud and ensure safety, but disabling it is possible. 
  • Uploaded content: Passwords and documents, even though this data is encrypted.
  • Feedback: Data from questionnaires or reviews. 

The primary purpose for collecting this information is to identify technical issues, mitigate the risk of fraud, provide product updates, and utilize it for marketing purposes. During sign-up, you give consent to share your data with third parties.

Logging and audits

LastPass follows a zero-knowledge policy, ensuring that all passwords undergo encryption and decryption locally on your personal device. When you save login credentials in your LastPass vault, they are automatically encrypted, and you are the only person with access to them, using your master password. 

Even if a data breach were to occur, which has happened in the past, rest assured that your passwords remain undecryptable. LastPass upholds this security by not having access to your master password, largely due to the safeguard of salted hashing, as mentioned earlier.

Independent Audit

During our assessment, we learned that LastPass is regularly audited by independent parties using a SOC-2 audit form. In an audit performed in December 2021 to evaluate the tool’s performance between September 2020 and August 2021, it was found that LastPass met all the key privacy standards.

Data breach and privacy

In 2022, LastPass faced a data breach that compromised its security and privacy. The hackers were able to get hold of this data:

  • Company information
  • User names
  • Email addresses
  • Invoice addresses
  • Phone numbers
  • IP addresses

The above data can be used for malicious acts, such as phishing. LastPass should be careful with user names and email addresses since criminals can use such information to compromise the integrity of the password manager tool.

How do I recover my LastPass password?

Being your digital treasure vault, LastPass protects all your accounts by easily managing the security of passwords. However, you still need to protect the master key – the Master Password – to secure your LastPass account itself.

Although LastPass helps you in that by offering 2FA, OTP, and other security measures.

But what if you just forget your Master Password and are locked out of your account?

Don’t worry because LastPass offers a very safe account recovery feature.

Specifically, like every platform supporting user accounts, LastPass offers users a “Forgot Password?” option. Using this feature, you can reset your Master Password easily if you can’t recall what it is or are somehow locked out of your account.

To proceed with recovery, you can use your mobile phone, SMS, email, or even your OTP. Here’s how to do that.

Recovery via email

When you click on the “Forgot Password?” option appearing on the sign-in page, LastPass first offers a “HINT” feature to help you recall your Master Password. You can set up this hint earlier via your Account Settings or when updating your Master Password at any time. This feature is handy for those who can’t recall their Master Password. Yet, if the hint doesn’t help you, you can proceed to get the instructions for recovering your account via email by clicking the “Account Recovery” option.

Recovery via SMS

If you have connected your LastPass account to your mobile number, you can also opt for receiving a code for recovering your account via SMS.

Recovery via mobile phone authentication

If you are not comfortable receiving codes or emails for recovering your account, you can also opt for ID verification. If you haven’t previously used the LastPass app on your mobile, you can proceed to download it, where it will ask for biometric verification right after installation. Here, you can set up your fingerprint or face scan for verification. Then, to recover your account, simply confirm your identity via Touch ID or Face ID on your LastPass mobile (iOS or Android) app.

Recovery via OTP

The useful one-time password feature will also help you access your account whenever you forget your Master Password. You can also use the OTPs that LastPass creates whenever you log in to your account from the browser extension.

Recovery via old Master Password

Another way to recover your LastPass account is to use your old Master Password. This option is handy if you have just changed your Master Password and can’t recall the new one. However, using this feature has some limitations. At first, you must have made the change within the past 30 days. Secondly, using your old Master Password restores your account from a previous state when you actually had that setup as your Master Password. Therefore, when recovering this way, you will likely lose any recent changes/updates made to your account after changing your Master Password.

If none of these options work for you, the last resort that we won’t recommend is resetting your account.

While this will let you gain access to your account, you actually risk all of your data stored in the account. What you regain is mere account access with some unchanged settings only. You can’t recover your data lost this way.

Does LastPass work on all devices?

An ideal password manager is the one that accompanies you everywhere. LastPass has got you covered here too.

Precisely, the service offers support for almost all major devices that you would use to sign in to your online accounts. These include,

  • Computers: dedicated app for Windows, macOS, and Linux, along with a native web app.
  • Mobile devices: dedicated apps for iOS and Android devices (smartphones, tablets, smartwatches) on the Apple App Store and Google Play Store respectively.
  • Browsers: Google Chrome, Mozilla Firefox, Microsoft Edge, Opera, Safari.

Besides, LastPass also offers unlimited device support.

You can use LastPass as either an app or a browser extension on as many devices as you want. In this way, you will never face trouble managing your passwords regardless of where you go.

While this is true for LastPass paid users, for free users, there’s a catch.

Earlier, LastPass used to offer support for unlimited devices, even to free users.

However, as of March 2021, LastPass has changed this policy, thus limiting the free users to one device type only. That is, the kind of device you use your LastPass account on – either a computer or a phone.

This change doesn’t cap the number of devices you can use LastPass on. Instead, it simply specifies the device type. Depending upon the type of devices you use more, you can choose either of these types to use LastPass.

Although, it might be annoying for the old LastPass free users who previously enjoyed limitless device support.

Nonetheless, compared with most other top password managers of today, LastPass beats them all regarding device support.

For instance, in the case of NordPass, you only get one active session on a single device at a time as a free user. Whereas, with LastPass, there’s no such restriction.

Customer support

At PrivacySavvy, we always deem customer support as an important parameter while reviewing any software or tool. Therefore, for this LastPass review, we assessed the tool’s usefulness for its support for customers.

Basically, LastPass offers numerous means through which a user can reach out to them. However, they do have a somewhat biased attitude towards the free users.

As their support article states, LastPass offers no direct support to free users. So all they are left with is the service’s ‘Support Center’ that includes helpful articles.

Albeit, this resource does include answers to most of the queries a free user might have. From the basic setup guides to troubleshooting and information resource, LastPass has included many helpful articles there.

Besides, free users can also seek help from the LastPass Community.

Whereas the premium users enjoy all of this together with 24/7 email support too.

Though, they can’t seek help via phone. This facility is typically available to premium business users only.

During our testing, we found their Support Center very helpful. Whatever information we wanted to know was available there. We also noticed a chatbot that helped us reach the right articles.

Though, we really missed 24/7 chat support. Perhaps, they should at least offer this facility to premium users. Perhaps, this might also encourage many free users to upgrade their subscriptions as well.

Setting up the LastPass password manager

Now that you know pretty much about LastPass, let’s move on to learn how you can use this password manager. To develop this up-to-date LastPass review for you, we created a new account that helped us find out how LastPass works in 2021.

Certainly, the overall setup is pretty simple. You can simply head to their website and click on the “Get LastPass Free” button. This will guide you through LastPass’s free download.

Alternatively, you can choose a paid subscription plan to start with. As a regular user, you can choose the ‘Premium’ plan for personal use, or you can go for the ‘Families’ plan to buy a subscription for your family users as well.

Whereas customers from the corporate sector can simply check out the business plans to find the one that best suits them.

To create an account, all you need is to follow the instructions and keep providing the information as asked. Don’t worry about your data, as it just requires an email address from you to begin with. At the same time, you can set up a Master Password for all future uses. LastPass will guide you about the password strength right then.

Once done, you will now have to log in to the LastPass web app to reach your dashboard.

Or, you can also download the relevant LastPass app or browser extension on your device to start using it.

How to use LastPass password manager

Wondering how to begin securing your passwords with LastPass? Here is a quick guide for you.

Though these steps basically guide you through the web app, they generally apply to all LastPass apps.

After signing in to your account, you will see the main dashboard. It initially appears empty as it doesn’t have any information stored yet.

LP main screen

The black sidebar encloses the main options to save and manage your data in the password manager.

Here, you can click on a specific option, for instance, ‘Passwords,’ to start saving your passwords. Or, you can click on the plus icon for the ‘Add item’ menu to explore more options.

LP Screenshot 2

After adding your details, you will find the stored information on the main dashboard. (It’ll no longer remain empty.)

Once done, scroll down the sidebar to find the ‘Advanced Option’ tab. Here, you will find the basic features to manage your data. For example, you can ‘Import’ or ‘Export’ passwords, add profiles (or ‘Identities’) to segregate personal and work stuff, save your favorite websites, or take a look at how you have used your password manager.

Features management LP

Also, towards the bottom, you will find some important security options, including ‘Credit monitoring.’

Under the “Account Settings” tab, you will find all the options to manage your Master Password, account recovery options, MFA, and customization of LastPass behavior for different URLs.

You can also set up your password manager on your mobile phone by downloading the relevant app from the app store. Once done, you can then enter your email address and Master Password to access the password manager.

However, before doing that, subscribe to a premium pricing plan. Otherwise, you will be bound to use LastPass either on your mobile phone or your PCs – not both.

Can I use the LastPass password manager for free?

Of course, yes!

LastPass has always been one of those best password managers that offer a free subscription plan as well.

Recently, though, these guys did some updates that have made the free version less worthy than the paid plans.

For instance, they previously had no distinction between the free and paid users regarding customer support. But, since May 17, 2021, they ended 24/7 email support for free users, leaving them with the community forum and support articles only.

Whereas, even before doing that, they restricted the free users to use LastPass either on PCs or mobile devices.

Still, the LastPass free download plan is worth trying for regular users as it still offers all the basic features you need.

For instance, you can still use the password manager on unlimited devices of the same type. Plus, you can store all of your sensitive details in your password vault, enjoy one-to-one sharing, and more.

As for the features NOT available to you for free, these include,

  • Unrestricted device type
  • One-to-many sharing
  • File storage (1GB)
  • Security score
  • Dark web monitoring
  • Credit monitoring
  • Emergency access
  • MFA via Yubikey and biometric scan
  • Customer support

This is where the Premium subscription plan wins over the free plan. By paying a few bucks per month, you get all the basic features offered to free users alongside the fancy security features. Also, with a free plan, you only get basic support meaning you can access their support articles and community; however, for 24/7 email support, you’ll need to upgrade.

LastPass subscription and payments

As we just explained, LastPass does offer a useful free subscription plan without any premium security features.

Nonetheless, it doesn’t mean that LastPass will cost you a fortune for these features. Instead, they have developed very affordable subscription plans for individual users, families, and corporate customers.

LastPass premium and families plan – For regular users

Pricing LP

The LastPass Premium subscription plan costs only $3/month. So, if you’re a privacy geek, you can certainly go for the Premium version for individual use.

Whereas, if you need the same level of security and convenience for your family as well, then try the LastPass Families plan. With just $4/month, you can provide the same level of security, jazzed up with unlimited sharing, a separate vault for every user, a dedicated Family dashboard, and one-to-many sharing to as many as 6 different users.

Though, this plan isn’t suitable for large families. Perhaps, you may try 1Password if you need a family plan supporting more users.

And, if you’re wondering whether it will be worth paying, then create a free account and enjoy a 30-day free trial of the Premium version. Whereas, for trying the Families plan for 30 days, sign-up via the trial option offered with the plan.

LastPass doesn’t require you to enter your card details or any other payment method. Nor it demands upfront payments. Just sign-up and see what worthy features you would lose after the 30-day trial period ends. You will surely prefer buying it.

LastPass business plans – For corporate users

LastPass isn’t just a password manager for regular users. Instead, it also offers advanced security features for enterprise customers too.

LastPass Updated pricing image

Precisely, they offer four different subscription plans for business users. Depending upon the requirements and team size, companies can choose a specific plan without worrying about money since LastPass offers a 14-day free trial with all plans.

Is LastPass safe to use?

As you have reached this point, you might be thinking of LastPass as a secure, robust, and vigilant privacy tool. However, since we strive to come up with an unbiased review of LastPass, we want you to know about the cybersecurity issues that the service has suffered in the past.

Though, these incidents didn’t severely impact the performance and security of LastPass. Nonetheless, they highlighted that cybersecurity is an area on which LastPass needs to focus more.

2015 data breach

LastPass first made it to the news back in 2015 when the company admitted to having suffered a data breach.

At that time, the firm disclosed that the hackers could break into their network and strived to gain access to the database. However, since LastPass hadn’t stored users’ passwords in unencrypted form, they assured users about the safety of their data.

Though, they admitted that the multiple hashing procedures made deciphering the encrypted master passwords “extremely difficult.” (Note that they didn’t say “impossible” because the hacker did gain access to encrypted passwords and could thus try to decrypt them theoretically.)

However, they confirmed that the hackers didn’t access the encrypted user tokens, and so, users’ data stored within their accounts remain safe.

Security vulnerabilities

Following this incident, the company also jazzed up its security structure to prevent such incidents.

Although, after that, LastPass didn’t apparently suffer a cyber attack. However, researchers could still highlight bugs in their apps that could expose users’ data. This happened at least twice in 2016 (January and July). Fortunately, the bugs received a fix before a bad actor could exploit them.

Realizing the potential of the cybersecurity community to help improve security, LastPass even started a dedicated bug bounty program. Nonetheless, they still lagged behind in enhancing their security as the researchers kept pointing out more bugs in the subsequent years.

Thankfully, all those reports got LastPass’s attention before someone could exploit them. So the users remained safe.

Trackers in the Android app

Recently, LastPass faced backlash as its Android app exhibited weird behavior. In March 2021, right after LastPass made changes to its free version, a researcher noticed seven different trackers in the LastPass Android app.

While the researcher found them actively running, LastPass, in a statement, assured no sharing of data to any trackers. Ironically, despite the presence, LastPass admitted to not knowing what these trackers do. That’s where things got weird. LastPass explained that users could opt out of any analytics via the privacy settings.

Should I use LastPass?

Although LastPass has a demonstrated history of cybersecurity issues. Nonetheless, these things don’t diminish the importance of this tool.

Considering how the tool has remained safe from any further breaches since 2015, LastPass appears to be a safe option for storing your passwords.

Besides, even if you use any other password manager, you never remain safe from such threats.

In March 2020, researchers from the University of York presented a detailed white paper on how multiple vulnerabilities crippled the best password managers of today.

So, it’s somewhat acceptable for any tool, including a password manager, to develop bugs until they proactively detect and fix them. (Obviously, being PrivacySavvy, we can never support a tool that deliberately ignores users’ data security.)

Moreover, the biggest plus with LastPass is the bunch of features that greatly help you monitor your data privacy. The underlying encryption technology and device sync make this tool much more useful.

Thus, instead of risking your passwords by saving them to your browsers or setting up easy-to-break passwords just because you can’t remember the difficult ones, you should better use LastPass and save yourself from the more common cyber threats.

You can even use an alternative service if you aren’t comfortable with LastPass. But make sure you use a password manager instead of nothing like that.

Troubleshooting common LastPass issues

Although LastPass is a generally easy-to-use tool with little to no glitches. Nonetheless, just like any other technology product, LastPass may also develop glitches.

So, here we quickly list the most common issues you may experience when using LastPass.

The browser extension isn’t working

If your browser extension or LastPass Chrome extension stops working, here’s how you can troubleshoot.

  • Check for updates: Frequently, your browser extension develops glitches when it remains un-updated. So, make sure that you have the latest extension version running on your browser.
  • Reinstall browser extension: If your extension is up-to-date and you still face trouble using it, simply uninstall it. Then head on to the LastPass website and re-install it. It should now work fine after you sign in to your account.
  • Check if the extension is disabled: After browser updates or other settings, your browser extension may likely get disabled. So, make sure that you have your LastPass extension enabled among all other add-ons.
  • Adjust add-on visibility: If you cannot find the extension icon prominent in the toolbar, it may have got hidden. But you can fix it easily by customizing your toolbar.

Auto-fill feature stops working

Auto-fill is an excellent option that LastPass offers to save you time. Whether automatically entering your passwords during logins or filling up your billing details on an e-commerce website during check-out, auto-fill helps you everywhere.

However, if this feature stops working, you must bear with all the efforts of typing your data yourself.

But, don’t worry, here’s how you can resolve this issue.

  1. Go to your password manager settings and ensure that you have enabled auto-fill for all those websites on which the extension isn’t working. If the settings are fine, double-check them via your browser extension ‘Preferences’ as well.
  2. To adjust your ‘Preferences’ setting, log in to your LastPass browser extension.
  3. Go to ‘Account Options,’ then ‘Extension Preferences.’
  4. Look for ‘Automatically Fill Login Information,’ enable it, and click on ‘Save.’

Apart from these issues, you may also face problems setting up two-factor authentication, managing vaults, generating OTP, or importing passwords. Often, clearing the browser or app cache will resolve the issue.

Yet, if you still face trouble, then feel free to reach out to LastPass support. You can send them an

Verdict: Is LastPass worth paying?

LastPass has reigned the realm of password managers for quite some time. It gained popularity among users for its lucrative free version.

Unfortunately, LastPass has recently made some significant changes to its policies and services offered to the free users. Specifically, they have pulled off some major features, such as email support, and implemented device-type limitations that have ruined the LastPass free version.

Nonetheless, LastPass surpasses many other password managers due to the premium features it offers for very affordable costs. Also, though you can’t have them for free, LastPass is worth using as a free password manager tool, given its range of basic security options.

Best LastPass alternatives

1. 1Password

1Password is an easy-to-use and friendly password management platform that offers seamless apps across popular operating systems, browsers, and extensions. A key selling point of this tool is its flexible compatibility. 

Furthermore, it uses AES 256-bit encryption to protect user data. Besides, MFA and security keys boost the overall vault security. Additionally, if you have more sensitive data, you can hide them in a different country using the Travel Model feature. A privacy card feature also ensures you access banking functions safely.


NordPass is the perfect solution whether you need a secure service to store and synchronize your credentials across devices. For example, it employs military-grade encryption, providing an impenetrable layer of protection for your data. 

The best part is that this tool offers incredible versatility, allowing you to access your vault from any device you prefer without any limitations between iOS and macOS. Additionally, NordPass comes with some fantastic extras that make it even more appealing. For instance, the OCR scanning feature lets you conveniently scan IDs, saving you from the hassle of manually entering the data on your browser.

Furthermore, the Data Breach scanner notifies you if any of your password is leaked. In essence, NordPass is a comprehensive suite designed to safeguard all your credentials and everything in between.


RoboForm is safe and easy to use. Like 1Password, it also uses AES 256-bit encryption, which adds top-level protection to sensitive data. The password manager also uses multi-factor authentication to ensure all your information is inaccessible to other parties.

Furthermore, RoboForm integrates other functions such as dark web monitoring, password generator, and secure sharing to ensure a safer user environment. The fact that RoboForm is quite affordable is the icing on the cake.


We now reach the end of this LastPass review.

As you can see, LastPass is a decent password manager that sets you free from the burden of remembering and managing passwords. Furthermore, since you can save lots of other personal stuff in this password vault, LastPass is a useful resource for anyone looking for something to handle their data securely.

Although, LastPass has some problem areas concerning its performance, such as a limited free version and a history marred with data breaches. Yet, given how the service improvised itself and the bunch of unique features coupled with affordable subscription fees, LastPass becomes worth a try.

If you ask us in short whether we recommend this password manager or not, then the answer is yes, we do! LastPass falls nothing short of becoming one of our recommended password managers. LastPass is the right choice, especially for users who are hesitant to pay for such a utility.


Yes, you may. LastPass offers superior data protection to its users via AES-256 bank-grade encryption. It assures you of collecting no data as it first encrypts everything before transmitting it to its servers. Also, the service had gone through independent audits after the 2015 data breach to ensure data privacy. So, you can trust that the service can’t disclose your data to anyone, even in uncertain situations.

Of course, like every other technology, LastPass is also vulnerable to hacking and cyber-attacks. The service has improved its infrastructure following the massive 2015 data breach. Still, you should also employ cybersecurity best practices to cope with (in fact, to avoid) any damages arising from a potential LastPass cyber attack.

Not really. LastPass already offers an entirely free subscription plan, though, with some limitations. So, once your free trial expires, whether for the Premium or Families plan, you will only lose access to the premium features. But your account will remain active and working, and you can still use it for managing your passwords. If you wish to avail yourself of the premium features, you can pay to upgrade your subscription at any time.

Yes. Apparently, LastPass does offer its services to users in China. However, some users had previously complained about facing troubles that LastPass attributed to the ban on Google in China. Nonetheless, users, including enterprise customers, can still use LastPass using the Windows installer. LastPass also recommends using a VPN as a workaround to install the apps.

Absolutely. The zero-knowledge policy ensures that the tool cannot access, view, or share your data. LastPass also uses military-grade encryption, multi-factor authentication, touch, and face ID verification, and TLS certification to protect your data.

Yes. You can opt for the free version, which is feature-rich but misses key functionalities such as emergency access, secure file storage, and one-to-many sharing.

Indeed. LastPass has multiple recovery options, including one-time recovery password, master password hint, SMS recovery, mobile account recovery, and returning to the previous master password.

Yes, you can do this by sending an invite via mail. However, the recipient must create their own LastPass account to get hold of the shared data.

While LastPass has its benefits, it falls short in a few areas. For instance, importing passwords is not seamless, and there is no option to access the password generator when keying in a password in your vault, and a complicated way of reaching out to support via email.

While it’s an intuitive password manager, we find 1Password more reliable thanks to its positive reputation over the years. It also offers more features such as privacy cards, an easily accessible support team via email, and travel mode.

The password manager is easy to use as it stores all your passwords under one vault. It does not only make your work less cumbersome but also removes the risk of insecure passwords.

LogMeIn, an American Company in Boston, Massachusetts, owns LastPass. However, in the previous year, there was a change in ownership when Elliot Management Corporation, which owns Evergreen Coast Capital and Francisco Partners, acquired the company.

Absolutely. Passwords and notes are encrypted using AES 256-bit encryption protocol. As such, you are the only one capable of decrypting your vault, a zero-knowledge architecture functionality.

Sure thing. The multi-factor authentication adds an extra layer of security, making it a safe tool.