1Password vs. LastPass
-
Inga Valiaugaitė
Writer
1Password and LastPass are currently two of the leading and pretty popular password managers in the market. Both products are highly advanced password management solutions. If you’ve been wondering which one is better for you – 1Password or LastPass – we’re here to help you make the decision.
After doing a thorough research and putting both password managers to test, we found that 1Password might be more trustworthy in some aspects, as LastPass has recently been exposed to a data breach and might lack in other. By comparing both of the password managers’ features, security, pricing, apps, and other functionalities, we’ll make it easier for you to decide which one of them fits your needs better. Let’s find out.
Features overview
| TOP Choice | |||
| NordPass | 1Password | LastPass | |
| ⭐ Rating: | |||
| 🥇 Overall rank: | #1 out of #15 | #5 out of #15 | #6 out of #15 |
| 🔥 Coupons: | NordPass coupon 52% OFF | 1Password coupon 40% OFF | Cybernews Password Manager Coupons |
| 💵 Price: | From $1.43/month | From $1.79/month | From $3.00/month |
| ✂️ Free version: | Yes | 14-day trial | Yes |
| 🔒 Encryption: | XChaCha20 | AES-256 | AES 256-bit |
| 🖥️ Platforms: | Windows, macOS, Linux, Android, iOS | Windows, macOS, Linux, Android, iOS | Windows, macOS, Android, iOS |
| 🌐 Browser extensions: | Chrome, Edge, Firefox, Opera, and Safari | Chrome, Firefox, Edge, Brave, Safari | Chrome, Firefox, Opera, Safari, and Edge |
| Get NordPass |
1Password or LastPass: which one is more secure?
1Password and LastPass are on point when it comes to security. Both password managers send only encrypted data to the provider’s servers. Multi-factor security slightly tips in the LastPass favor. However, data storage options are undeniably better on 1Password’s end. Privacy and third-party audits are areas in which 1Password wipes the floor with LastPass. Overall, the champion in the security category is undoubtedly 1Password.
Security Breaches
First off, to ensure the security of both 1Password and LastPass security, we checked whether any of the two ever been hacked, breached, or otherwise compromised.
Unfortunately, LastPass confirmed a data breach in August 2022. It was reported that the incident didn’t compromise any of the users data and that the attacker exfiltrated portions of internal data back then. However, in late November of 2022, LastPass confirmed another breach. After this breach, it was admitted by LastPass that the attacker gained access to certain elements of the customers data. Moreover, in 2015, threat actors managed to access their network and LastPass asked users to change their Master passwords.
Regarding 1Password, it has never been reported to be hacked or breached. Therefore, this one’s a winner in terms of security matters.
Encryption
Since both 1Password and LastPass are market leaders, there are no real surprises in encryption. 1Password uses industry-standard 256-bit AES encryption with PBKDF2 password hashing for the master password to make it resilient against brute force attacks. The provider even takes it one step further and adds a 128-bit secret key on top of the master password. The forced secret key on login might seem like overkill, but the fact remains that it’s the most secure setup you could find among password managers.
LastPass is no slouch when it comes to encryption standards. They use the same 256-bit AES encryption with PBKDF2 SHA-256 for master passwords. They also work similarly, never sending unencrypted data outside your device and decrypting it only on a device level.
LastPass is by no means an insecure password manager, it should do the job just fine in most cases. However, the necessary secret key makes a major difference in the service’s security status. So 1Password is ultimately the superior choice because it locks your data behind more doors.
Multi-factor security
In 1Password’s case, multi-factor security is built into the client because it requires two passwords on every new device. Aside from this secret key, it’s possible to set up two-factor authentication via authenticator apps like Authy or Microsoft Authenticator. There’s an option to send push notifications to confirm login requests via Duo Security. It’s also possible to use Windows fingerprint or Apple’s FaceID. However, that’s about it. You won’t find 3rd party authenticators or USB tokens. Those two might be vital if you’re a business owner.
What LastPass does well are their multi-factor authentication options (you can see them in the image above). Ultimately, they have the most of all password managers. The list includes TOTP (time-based one-time password) apps, physical authenticators, smart cards, and more. The kicker is that you can use several authentication options. You can even enable them all and require to use the TOTP app, biometrics, PIN, and smart card – all at the same time.
On the other hand, from multi-factor authentication options, there are many reports that FaceID sometimes doesn’t work well with 1Password. In this case, LastPass is a winner, as it allows you to create several layers of protection. It would be tough for any hacker to jump through that many hoops. LastPass is the ultimate winner because of more supported authentication methods and the possibility to combine them.
Data storage
As is common among password managers, 1Password can hold your most essential documents in a secure vault. LastPass offers a secure vault as well, only with a smaller storage and file size limit.
| 1Password | LastPass | |||
| Personal & Family | Business | Free | Paid | |
| Storage limit | 1GB | 5GB | 50MB | 1GB |
| File size limit | 2GB | 2GB | 10MB | 10MB |
| Coupons | Get 40% OFF 1Password! | ❌ | ❌ |
Individual and Family plans come with a 1 GB and the Business plan with a 5 GB storage limit. Each file cannot exceed 2 GB size, so overall you get much better flexibility considering what other password managers offer.
If you’re planning to use LastPass to similar ends, it’s also possible. Free users get 50 MB of encrypted storage, and it’s 1 GB for paid users. 1 GB for paid users is a widespread password manager standard. There is a downside that each file cannot exceed 10 MB in size – could give you some problems if your phone camera is very high quality and you want to take a picture of your ID card.
LastPass gives 50 MB for free users, whereas all 1Password offers are to paying users only. However, when we stack paid LastPass and 1Password data storage options, the latter is undoubtedly less restrictive. With 1Password, you could store personal videos that would exceed 50 MBs pretty quickly. LastPass, in this sense, is just inferior. Its key being file size limit, LastPass’ free version is very limited and inconvenient to use with advanced devices and high quality files.
Your passwords are keys to your entire online identity. Making sure they're being stored securely will offer you full peace of mind. Don't let data breaches scare you – with 1Password you can be assured the essential documents will be stored in a secure vault with flexible file limit and storage.
Get 1PasswordPrivacy policy
Even though 1Password is a closed source project, its developers are upfront about how everything works under the hood. Your data is stored in encrypted form only, and there is no selling of customer information. It does make sense, considering that 1Password is paid-only and doesn’t have a free version. Naturally, there cannot be any capitalizing on free users' data because there are no free users.
1Password has been recently acquired by Accel company, which invested $200 million into the company: products and services, with a focus on safety.
LastPass is certainly less considerate for its customers' privacy. Their privacy policy is on the website of their parent company LogMeIn – it doesn't discriminate between different products. As such, it’s ambiguous which data LastPass collects. What is clear is that they state that they may use your data for marketing purposes. Also, LogMeIn is based in the US, adding other possible privacy concerns.
Overall, 1Password distinguishes itself with a no-nonsense attitude towards your privacy. The same doesn’t apply to LastPass, who will happily collaborate with marketers to keep their free version afloat. It’s something that should be taken into consideration and makes LastPass an inferior choice.
Third-party security audits
When it comes to third-party security audits, there’s only one thing that you should know. 1Password has undergone several security audits. You can familiarize yourself with each of them, including the detailed audit reports on this page. The most noteworthy are:
- Service Organization Control Type 2 certificate
- Private bug bounty program for Bugcrowd, Inc.
- Independent Security Evaluators penetration and code test
That’s a feat of strength that few password managers can boast. In contrast, LastPass has only one of them. What’s even worse than the lower total number is that this was an audit of their internal compliance to the security and privacy regulations. It should mean to you that they passed their staff compliance audit, rather than through penetration testing of their software. LastPass pales in comparison in this sense. They are making 1Password a clear winner.
Alerts
1Password has a feature called Watchtower, which alerts you about your password breaches and whether it has been compromised. It has an integrated Have I Been Pwned function. It checks for password strength, vulnerable passwords, and compromised websites.
LastPass has a similar feature, called Dark Web Monitoring. If your credentials have been breached, you get a notice via email.
Overall, both 1Password and LastPass password managers have similar features in this category.
Use Cybernews Personal Data Leak Checker to find out if your data has been leaked (whether your email, phone number, and related personal information could be in the wrong hands).
Travel mode
1Password has a Travel mode feature, which removes vaults from your devices except the ones that you select as available or safe for travelling.
LastPass doesn’t have a travel mode but offers multisteps for travelling. This includes restricting access to specific countries, enabling offline access, or saving digital copies of most important documents.
All in all, 1Password is a winner here, as its feature is way easier to set up, you prepare your account for travel with only a few clicks, while LastPass just offers an extensive set of suggestions and steps.
1Password and LastPass: which one offers better value for money?
LastPass used to be a go-to password manager for those who need a good budget option. However, since the beginning of 2021, they started restricting the free accounts behind certain device types. 1Password doesn’t have a free version at all, but it isn’t too pricey. However, you can try it for free for 14 days to ensure the tool is what you're looking for.
If you commit to a more extended plan, 1Password for individual users costs as much as LastPass. However, at the same price, you do get more value with 1Password.
1Password or LastPass: Free vs. Premium plans
There couldn't be more different password managers than 1Password and LastPass. One offers a free version forever, while the other wants you to whip out your credit card. Suppose you're only interested in free password managers with an option to upgrade. In that case, that could settle the argument right there.
When we look at the services you have to pay for, the scales tip in 1Password’s favor. First of all, you can try the service for 14 days for free without providing any payment information, and after that, there is a 30-day money-back policy. The personal account option is billed annually, but the monthly price translates into $1.79/month.
If you need a password manager for more users, there’s an option to pick the Families plan for $2.50/month. You can then share this plan among five family members. These users will then share passwords, credit card information, secure notes, and more. Plus, you’ll be able to help out locked out family members should they forget their passwords. If you need any more members, you can invite them for an extra $1/month to your total price.
With the free version of LastPass, you get unlimited password storage in your vault, support for any device type, a password generator, multi-factor authentication, and 50 MB of data storage. As we mentioned earlier, this kind of data storage is rather limited. You will be restricted to the device type. LastPass only allows you to use it on desktop or on mobile. So, accessing the same vault on your mobile and your PC is out of the question. You'll need a Premium or Family plan for that.
| Version | 1Password | LastPass |
| Free | – | $0.00 |
| Personal/Premium | $1.79/month | $3.00/month |
| Families | $2.50/month | $4.00/month |
| Check Pricing | Check Pricing |
1Password also has offers for Teams and Business users. The former costs $19.95/month for 10 members and the latter $7.99/month per user. Teams include unlimited shared vaults, admin controls, 5 guest accounts, and 1 GB of document storage per person. 1Password business, on top of that, has 5 GB of document storage per person, 20 guest accounts, custom roles, usage reports, and more.
As for LastPass, individual users can choose between LastPass Premium for $3.00/month and Families for $4.00/month. Compared to the free version, LastPass Premium adds one-to-many sharing, dark web monitoring, emergency access, priority tech support, and autofill applications. Most importantly, it allows you to use it cross-device, meaning that you can access the same vault on mobile and desktop.
Overall, LastPass didn’t implement discounts based on the length of your subscriptions. This means that 1Password could be cheaper and offer more features if you decide to commit to annual plans. On the other hand, if you’re on a tight budget, you can get LastPass for free. So it comes to this, LastPass is the best value option if you don’t spend a dime (and don't mind their device type restrictions).
1Password vs. LastPass: ease of use and setup
Both password managers have created a wide array of options for their users. You can pick between the usual set of apps and clients. The main difference points include browser add-ons. 1Password is lacking in this department, forcing its users to install a desktop app if they want the browser add-on to work. However, 1Password is noticeably superior when it comes to mobile apps, especially its iOS variants. It allows you to store items even on your Apple Watch. Overall, 1Password still comes off as the superior choice compared to what LastPass has to offer.
Web client
It’s most likely that your journey with either service will start via a web client. When you create a 1Password account, you’ll be able to manage your vault right off the bat. The sign up procedure not only requires you to confirm your email with a confirmation code, but it will also enforce a randomly generated 34-character Secret Key. Plus, your login might belong in 3 different regions: 1Password.ca, 1Password.eu, ent.1password.com, or 1Password.com. Although it might seem confusing, it works to your safety advantages. There is much more variation than just your email/master password combination. The redeeming aspect is that you only have to type in these things once. Your browser or app will remember the data. You’ll only need to confirm your identity with a master password. 1Password’s web client offers more or less the same vault management options as those available on the apps. There’s also an option to use a QR code to setup or retrieve your account.
LastPass has a slightly different take on their web client. While 1Password limits some features to the web and adds others to the downloadable apps, LastPass is doing the opposite. They are trying to provide identical functionality regardless of login method.
Desktop apps
1Password apps come in different versions. If you have a newer computer, you’ll be able to download 1Password Version 7. If you have an older computer, you can use 1Password 4. It’s rare that a password manager willingly extends support for older machines. With that said, they are no longer supported as fully and only receive the most critical security updates. All the current apps are available for macOS, Windows, and Linux.
You can manage your vault in 1Password desktop the same way you would on the web client. The difference is that the apps add advanced options. For example, on Mac, you can enable Spotlight and 3rd party app integrations. This allows searching the data stored in the items and more. On Windows, you can add a Proxy server to change your IP address and virtually appear from a different location. These additional tweaks are what makes 1Password a better sell than just the barebones browser client.
In contrast, LastPass creates zero initiative to switch to a desktop app. Everything you can do on your web client, you can also do on their desktop app. In reality, you can better manage multi-factor authentication options via web client, expand your plans, and more. It raises the question about the purpose of the app. 1Password easily overpowers LastPass when it comes to their desktop apps.
Browser extensions
If you think that 1Password’s browser extension will provide convenience, prepare for confusion. There are actually two separate versions that you can find: 1Password X and an extension that requires a desktop app. The latter was the first introduction, so it worked with Mac and Windows. Then 1Password X was released for ChromeOS and Linux users. 1Password X is newer but it is underdeveloped at this point and doesn't support biometrics authentication.
The simple extension works only as a supplement to the app, not as a substitute. This begs the question why you should bother installing both: the app and the extension when there's 1Password X?
Well, 1Password now supports Safari. So, you can enjoy the new version with all the features for your extension.
You can use their browser extension separately from the apps. This is the right way to do it. You get much more flexibility as a user. The extensions are available to Chrome, Firefox, Edge, Edge Legacy, Opera, and even Safari. So, ultimately not only do you get more fleshed-out browser add-ons, but you also get more supported browsers.
Mobile apps
1Password apps are available for iOS and Android devices. Both are identical from the features perspective: you can set up both apps to autofill passwords not only on the web but on apps as well. In the iOS case, everything is rather straightforward. You’re asked to switch iCloud Keychain in place of 1Password. If you’re using Android, it depends on your version. Currently, 1Password supports autofill on apps and browsers from Android version 5 to the current 12th. So, 1Password pretty much covers all bases.
Feature-wise, the most noteworthy addition on iOS is the possibility to add items to the Apple Watch keychain. That way, you can store passwords in the storage on your watch. It protects your items with your Apple Watch rather than your master password. Android devices don’t have an equivalent feature.
LastPass also features autofill for Android and iOS. However, the difference is that LastPass will require the Android 8 framework to work. If you have a phone that runs on an older build of Android, you’re out of luck. You can also set up biometrics authentication if you don't want to use your master password.
1Password works on more Android versions and supports iOS Apple Watch integrations. These are strong selling points that make it a better overall product.
Password sharing
In terms of password sharing, with 1Password you can share items with recipients that aren’t 1Password users. The feature for that is called Psst! (Password secure sharing tool) All you need to do is just open an item to get a link, which you can share with anyone.
With LastPass you can share credentials only with other LastPast users. You can also manage the access to the login credentials. A downside is that LastPass asks you to verify your email address before letting you share anything quite frequently.
1Password definitely beats LastPass in this field, as the first one offers more functionality and versatility than LastPass and is more user-friendly. That’s something to take into consideration while making the choice between the two.
Recovery methods
Both password managers have recovery methods if you accidentally lose your private key (master password).
1Password offers a Windows Hello (biometric identification) recovery option. If you belong to a Family plan, other members can recover your account. However, it’s recommended to print out the Emergency Kit with all the login details.
LastPass provides a Recovery One-Time Password and login with it if you forgot your Master password. You can also add a recovery phone number or set up a mobile account recovery with biometric authentication.
Having compared the recovery methods that both of the password managers offer, LastPass seems to provide more choices and beats the one option that 1Password offers.
Password generator
It’s crucial to use secure passwords online. Unfortunately, a lot of users tend to reuse the same passwords over and over again or lack complexity when creating those. Therefore, password managers include a password generator, which generates you a secure, custom, and strong password. Both 1Password and LastPass have these.
1Password’s password generator has up to 100 characters. You can generate passwords from random symbols, PIN codes, or memorable phrases containing 3 to 15 words.
Meanwhile, LastPass password generator is rather simple and you can create a password containing up to 99 characters.
Both providers have good generator features but 1Password has more options to play with.
LastPass vs. 1Password: customer support
Since 1Password is positioning itself as a premium password manager, it comes with more customer support options. You can contact them via Twitter, email, or community forums. Email seems like a no-brainer, but many users report that they got in touch faster by using Twitter or the forums. Live chat would be the best option, but seeing how little password manager providers can do to help you out, this is no surprise.
When it comes to LastPass, if you’re using the Free version, you’re left without customer support. You’ll only be able to read the FAQ section. Paid users can get Premium Support tickets. So, essentially, customer support in LastPass' case is left behind a paywall.
Both services look decent from a customer support standpoint. 1Password seems a little better because of their community forums, which give them a narrow edge. LastPass should be an example of how not to implement customer support. Giving this option only to paying users is cruel.
1Password vs. LastPass video review
What do Reddit users say?
One of the best ways to choose a reliable password manager is to check what users recommend. Subreddits on password managers tend to offer honest opinions and experiences. Let’s check out which one of the password managers conquers Reddit:
Some Redditors say that LastPass won’t generate passwords for new services on Android and there are recommendations to switch to 1Password because it works better regarding this. Generally, users seem to appreciate 1Passwords’s interface, ease of use, app compatibility, password sharing, and other functionalities.
Others switch to 1Password because of it being more secure and having no concerns with data breaches or data being hacked.
Overall, users seem to prefer 1Password for its customer support as well and for the generally well-developed password management solution.
Best 1Password and LastPass alternatives
If you're looking for some LastPass or 1Password alternatives, we have some excellent picks you might like.
1. NordPass – excellent password management service
NordPass is one of the best password managers in the market. It ensures easy and secure logins, as well as safe password sharing. It supports two-factor authentication (2FA), identifies weak or used passwords, and boosts your security even more. There’s also an option to use Touch ID or Face ID. NordPass has apps for Windows, macOS, Linux, Android, iOS.
This password manager is a great alternative for LastPass, as NordPass is really user-friendly, which suits a beginner or an average user. There is a powerful free version. Prices start at $1.43/month and you have 30-days to change your mind.
2. Keeper – top-rated password manager
Keeper is another great password manager in the market. It uses a zero-knowledge approach, which means that your data is encrypted on your device. Keeper comes with a selection of two-factor authentication, such as SMS, Google and Microsoft authenticators, RSA SecurID, Duo Security, U2F, and KeeperDNA. This provider has apps for Windows, macOS, Linux, Android, iOS. Even though there is no free version, there's a 14-day free trial.
Keeper prices start at $1.75/month, billed annually.
Bottom line
| Category | 1Password | LastPass |
| Security | ✅ | ❌ |
| Features | ✅ | ❌ |
| Pricing & Plans | ✅ | ❌ |
| User-friendliness | ✅ | ❌ |
| Customer support | ✅ | ❌ |
All things considered, 1Password is much better password manager than LastPass. Although both password managers have similar features, 1Password is cheaper, has better user experience and it's additional security feature Secret Key makes 1Password impossible to hack. What’s more, 1Password has better mobile apps, fewer limitations, and advanced customization options give the lead in this 1Password vs LastPass comparison.
Other password manager reviews from Cybernews
Lastpass vs Dashlane: which will you choose?
1Password review: features, pricing, is it worth it?
Dashlane vs 1Password: and the winner is...
FAQ
Is LastPass better than 1Password?
Both are good services. However, they both have a slight edge in different areas. LastPass is one of the most generous free password managers. Whereas, 1Password is an overall better premium password manager.
Can 1Password import from LastPass?
It can, and that’s not all. It also supports imports from Dashlane, RoboForm, Encryptr, Chrome, and more.
Which is better for business: 1Password or LastPass?
Surprisingly enough, business users might lean towards 1Password. This is because it has exceptional 24/7 customer support and broad functionality. Also, depending on your enterprise, it might even be cheaper.
Has LastPass ever been hacked?
Yes, LastPass was breached for four days in August, 2022 and in late November, 2022. The company made a statement about it on both occasions. As for the first breach, it was limited to the Development side of LastPass’ environment and threat actors only took some of the source code and technical information. After the latest breach, it was admitted by LastPass that the attacker gained access to certain elements of the customers data.
Comments
I'm not "Googling" anything! I'm searching. If I wanted to use Google I would just use their built in password manager like I did before they started censoring everything.
I thought I'd also add that 11months after this article has been written 1password has added MFA support for microsoft authenticator and authy: https://support.1password.com/two-factor-authentication/
My main gripe with lastpass is half baked features: i.e. equivalent domains and the autofill for applications just not working well. I'm still testing out 1password as I've found it handle multiple domains/urls much better, and from the community forums (for bitwarden) they have stated that autotype/fill for applications also works with 1password.
Thank you again for this article, it has been super helpful
Want to switch from one provider to another. I’m currently trying to switch from Last Pass to 1Password. The companies know each other and they know what they are exporting or importing. But the result is only junk
Only from Dashline to Last Pass was bearable.
Overall, all of them do not provide the optimal solution. Especially in the handling.
But, that is my personal experience. Am not yet 77, but still very very old 😉
The reviews were helpful, especially where the technical difficulty of browser use was noted for 1password.
Glad that you liked it!
I have apparently been ‘hacked’ a few times because I have had to get a new Amex card several times. Any advice?
However, one thing you missed to consider for pricing, is the option from 1Password to also one-time buy 1Password!
It‘s actually bit hidden on their website, but there is a one-time buy option. It lacks cloud integration but offers local WiFi sync and is perfect for those who don‘t want to sync via any cloud service at all. However, even if you want cloud sync, this paid version also enables iCloud sync: start syncing to iCloud on your Mac, and you are able to continue using the iOS app.
https://support.1password.com/sync-options-security/
You can download the windows version here:
https://1password.com/downloads/windows/
You can download the MacOS version here (which presumably is the same in terms of how the licence works):
https://1password.com/downloads/mac/
As long as your master password is safe, your vault is safe. A Secret key is mostly used as an off-device measure against brute force attacks. Without your Secret key, it’s impossible for hackers to crack your vault, and 1Password never gets a copy that they could store.
A Secret key can also be stored in your device backups that get transferred if you’re migrating data from the old device to the new, as well as keychains (that, in Apple’s case, sync via iCloud). So, if it were transferred that way, the app wouldn’t request a Secret key.
In the end, I’m giving up on 1Password, and I’ll just subscribe personally to use LastPass’s family plan.
If you’re asking about 1Password, your data becomes read-only, and autofill stops working.
If you’re asking about LastPass, then you just get reverted to a free version.
Regardless, I will update the comparison as noted.
Your email address will not be published. Required fields are marked