© 2022 CyberNews - Latest tech news,
product reviews, and analyses.

If you purchase via links on our site, we may receive affiliate commissions.

LastPass Review 2022: is it safe and reliable?

by Raimonda Kriaučiūnaitė
19
LastPass

Launched in 2008, LastPass is a veteran among cybersecurity tools, and one of the most feature-rich password managers out there. It offers multi-factor authentication, supports various platforms and browsers, and is easy to use. Even better – LastPass even has a decent free version for you to try out. Well, I will share a detailed LastPass review with you, so you could see how good it is.

I have thoroughly examined LastPass and put everything into this article. So, continue reading to learn all there is to know about this product in terms of security, ease of use, pricing, and more. Let’s see how well this password manager performs.

Rating:
4.2
Price:from $3.00/month
Free version:Yes
Encryption:AES 256-bit
Platforms:Windows, macOS, Android, iOS

Visit LastPass

LastPass review – pros and cons

Pros
  • Free version
  • Multi-factor authentication
  • User-friendly
  • Supports most platforms and browsers
  • 30-day free trial of Premium
  • Offline access to your vault
Cons
  • No live chat
  • No cross-device support for free users
  • Free users can't submit tickets
  • Has had a big data breach recently
  • Android app includes trackers

Visit LastPass to learn more about the features

Is LastPass safe enough?

You might be wondering whether LastPass is truly safe. And I understand this mistrust, as LastPass is a closed source password manager. Plus, they never reached out to third-party audit agencies to verify whether they’re operating securely. You’ll have to take their word for it for pretty much everything they offer. This isn’t made any better with the fact that the company suffered from a successful hacking attempt.

The service uses military-grade AES-256-bit encryption to lock your secure vault. Only your master password can unlock the vault, and it’s never sent directly to them. According to the privacy policy, LastPass receives only the data that was already pre-encrypted on your local device. What is sent to their servers is only encrypted chunks of data. Even their developers cannot unencrypt it at will because of the additional hashing algorithm. It means that everything you store in LastPass should be safe from external intrusions.

Did LastPass get hacked?

In 2019 Travis Ormandy, Google Project Zero researcher found the LastPass browser extension vulnerability, which could be used to steam user data. The vaults themselves remained secure. However, it was possible to gain hashed user’s master passwords, email addresses, and password reminder questions via the exploit. It meant that a hacker could take over someone’s LastPass account by abusing the recovery options.

The consensus is that around 16 million users could have gotten their credentials exposed. The developers reacted swiftly and rolled out the patches as soon as they could. However, the damage persists to this day, and LastPass still drags the black spot on their reputation.

LastPass features overview

LastPass has features to offer that cover all essential password manager’s needs. It lets you keep usernames, passwords, and other sensitive data well protected. Take a quick look at what includes the security and privacy suite of it.

  • 2FA, Multi-factor authentication, and LastPass Authenticator
  • One-Time Passwords (OTPs)
  • Password generator
  • Country restriction
  • Password vault
  • Credit monitoring
  • Security challenge

The list seems promising, right? To enlighten you even more, we have reviewed each feature separately. So, scroll down and find out what’s so good about each security tool that LastPass provides you with.

2FA, Multi-factor authentication, and LastPass Authenticator

To make the data even safer, LastPass supports 2-factor authentication (2FA) and multi-factor authentication (MFA).

2FA is designed to keep your most sensitive information safe by making you take additional steps before accessing the LastPass vault where your passwords and usernames are kept. There are many options you can choose for your second factor, including their very own LastPass Authenticator and:

  • Smartphone apps (Google Authenticator, Microsoft Authenticator, Symantec VIP, etc.)
  • Software-based services (LastPass Grid, LastPass Sesame, others)
  • Hardware tokens (YubiKey, RSA SecurID)

You can get the LastPass Authenticator app for free on the Google Play, Apple Store, and Windows Store.

MFA allows you to combine even more factors for authentication and secures your logins to online services other than LastPass. You can choose which services to apply MFA to, which devices to trust, etc.

Due to its usefulness for managing permissions, security levels, and high level of customizability, LastPass MFA (which is a separate app) is a B2B-oriented feature available with the MFA, Teams, Enterprise, and Identity plans. However, advanced multi-factor authentication options are available for individual Premium users as well.

You can manage LastPass 2FA and MFA through the Multifactor Options section of your online dashboard.

One-Time Passwords (OTPs)

If you’re accessing your web vault from a device that doesn’t belong to you, you might be walking into a trap. You can’t know whether the device has a keylogger or other software that could be capturing your keystrokes. LastPass has a potential solution there with their one-time passcodes feature. That way, you can log in without revealing your master password.

You can generate LastPass one-time passcodes after you’ve logged in to your account. You can use them afterward, and each passcode will expire after use. It means that it’s impossible to log in to an account twice with the same passcode. Plus, you can print them or store them in other methods to use later or in emergency recovery.

LastPass password generator

One of the best features that LastPass offers is its password generator. This will help you create strong passwords for your most visited websites and apps.

What a password generator does is it creates passwords for you. Therefore, you don’t have to worry about qwerty or 123456789 not being strong enough to protect your privacy online. With a password generator, you’ll get unique passwords that have a variety of numbers, symbols, capital and lowercase letters.

What’s great about LastPass password generator is that you can control how strong your password will be.

For example, you can choose to include or skip numbers and symbols, select the length of your password, or make it easy to read and say.

LastPass password generator

However, note that the password in the screenshot above is not particularly strong – I would advise you to increase the length and add both numbers and symbols to the password. After all, using LastPass means you don’t have to memorize your passwords.

While we always recommend to go for the long and hard when it comes to passwords, having an option to customize them is a huge advantage.

LastPass country restriction

When you create your LastPass account, LastPass restricts you to the country you're in. However, if you travel regularly, you can add additional countries.

To do that, follow these steps:

  1. Go to your LastPass Vault.
  2. On the left, click Account Settings.
  3. Click the General tab, and then click Show Advanced Settings.
  4. Enable Only allow login from selected countries checkbox.
  5. Choose the countries you wish to add to your list.
  6. To save, click Update.
  7. If asked, provide your Master Password.
  8. Click Confirm.

That’s all there is – now you are no longer restricted to one country.

One thing to remember is that you can change your virtual location by using a Virtual Private Network (VPN). Thus, you can bypass the country restriction altogether.

Password vault

LastPass keeps your passwords in an online vault. You can access it on your desktop, web, or mobile device. As the vault is encrypted, your usernames and passwords are well protected against prying eyes.

One good thing about LastPass is that you can access its online storage (or vault) offline as well. If you want to log into your vault when offline, just make sure you've logged into your vault at least once with an Internet connection. This way, your device caches a local version of your encrypted data to the device.

LastPass credit monitoring

LastPass users from the US can take advantage of a free credit monitoring alert feature.

With it, you get real-time protection, as you're notified if your credit report suddenly changes. The credit monitoring feature enables users to better monitor their credit report and protect themselves against identity theft.

To enable this feature, follow these steps:

  1. Log in to your LastPass account.
  2. On the left menu, click More Options.
  3. Click Advanced > Credit Monitoring.
  4. Select Enable Credit Monitoring.
LastPass credit monitoring feature

After completing these steps you will be asked to create new Form Fill Profile or select an existing one.

To enable credit monitoring feature from an existing profile, find your profile on the left and click Enable Credit Monitoring. If you need, you can also edit form-fill, and enable the credit monitoring feature afterward:

LastPass edit form fill

LastPass security challenge

When you’re storing in a password vault, one of the most appealing points of a password manager is that there’s everything in one place. It also means that it’s possible to evaluate whether the password is secure. You can do it by hand, or you could use the LastPass security challenge.

LastPass security challenge is a simple analytical tool that goes through all of your stored passwords and evaluates their complexity. If you’re reusing passwords use with little to none uniqueness, you’ll immediately notice low-security challenge scores indicated in red. The good thing is that it also evaluates your master password’s complexity. So, you’ll not only reinforce the passwords that you use on other accounts but will be able to switch to a stronger master password.

LastPass password manager security

Ease of use and setup

Using LastPass is an intuitive and easygoing experience.

Welcome to LastPass screen

For example, to import passwords to LastPass, follow these steps:

  1. Open your browser
  2. Click on the inactive LastPass icon in your toolbar
  3. Enter your username and your master password
  4. Click Log In
  5. In your web browser toolbar, click the LastPass icon
  6. Click Import

If you ever need to export your passwords from the vault, here’s what you need to do:

  1. Go to your LastPass vault
  2. On the left, select More Options
  3. Go to Advanced > Export
  4. If asked, provide your master password
  5. Click Continue
  6. Select More Options in the left navigation
  7. Go to Advanced > Export

LastPass web client

LastPass web client is the place where users keep their usernames and passwords. What is more, using it, you can manage your account’s settings and the information stored in the vault.

LastPass Vault for passwords

For the sake of comfort, your web vault is organized similarly to your desktop (or local) vault. The best part is that it's OS-neutral. You will be able to use this version with pretty much all web-enabled devices.

LastPass browser extensions

One great thing about LastPass is that it offers extensions for the most popular browsers. That includes Chrome, Firefox, Opera, Safari, and Edge. You can get your browser extension after creating your account.

Installing LastPass browser extensions is easy – simply confirm the installation when prompted after you create your LastPass account, or download the app to your device.

LastPass Chrome Extension

With the LastPass extension, you’ll forget about your passwords altogether – LastPass will remember your logins and automatically fill them in for you when needed.

Mobile apps

LastPass offers apps for both Android and iOS. You can get them on Google Play and the Apple Store, respectively. Both apps are easy-to-use and designed to be as user-friendly as possible. Unfortunately, the Android client has seven trackers that you can't opt-out of and which collect information about your online activities.

After you get your mobile app, feel free to explore its settings:

LastPass mobile Settings

For example, you can choose AutoFill feature for LastPass to fill in the website forms for you:

LastPass autofill on mobile

You can also create passwords with the Password Generator feature on your mobile device:

LastPass mobile generator

Naturally, you won't have as many options for generating passwords on your mobile device, but it still does the job.

After downloading one of the mobile apps, users also get the Authenticator app, which is one of the MFA elements created to add an extra layer of security on your most sensitive information.

Plans and pricing

LastPass is sometimes called a freemium password manager. It means that the product is offered for free, but those who wish to explore more of its features have to pay.

To see what you get when opting for one of the three plans – Free, Premium, and Families – let’s discuss them one by one.

Before I do that, however, let’s get one thing out of the way: payment options only include credit cards, which is a bummer.

VersionFeaturesPrice
Free (1 user)Secure password vault, autofill, password generator, security dashboard, 2FA, LastPass Authenticator, secure notes$0.00
Premium (1 user)Everything in Free + file sharing, Dark Web monitoring, emergency access, priority tech support, LastPass for applications, 1GB file storage, advanced 2FA$3.00/month
Families (6 users)Everything in Premium + family manager dashboard, unlimited shared folders$4.00/month

Visit LastPass

Free plan

LastPass free option offers the essentials that you’d expect from a password manager. However, you will be restricted to the device type. It means that if you download the desktop app, you’ll be able to use it only on desktop clients. The same with mobile apps, so there are no cross-device type capabilities.

You can get 30 days of Premium to see how their unlocked version feels like. Otherwise, with the free version, you get:

  • Secure password vault
  • Access on all devices
  • Autofill feature
  • Password generator
  • Security dashboard
  • Multi-factor authentication (only the basic options)
  • LastPass Authenticator
  • Secure notes

The free version on its own is pretty restrictive, so it does make sense to opt-in for paid plans.

Premium plan

To see what is the difference between LastPass Free and LastPass Premium, let’s look at what additional features the Premium plan offers for $3/month, billed annually.

  • File sharing with many people
  • Cross-device capabilities
  • Dark web monitoring feature
  • Emergency access
  • Priority tech support
  • LastPass for applications
  • 1GB encrypted file storage
  • Advanced multi-factor authentication options

You can find the comparison of all the features you get with each plan you opt for on LastPass website.

Families plan

When it comes to the Families plan, you get all the features Free and Premium users do, as well as:

  • Family manager dashboard
  • Unlimited shared folders

Families plan can be used by 6 users for $4/month, billed annually, so it should be more than enough for many households.

Customer support

When a problem arises, LastPass users can count on the customer support. They can go to the LastPass Support page and type in an issue they're encountering in the search bar:

LastPass support page

For example, I wrote autofill and instantly got the articles that you see in the picture above. After clicking on one of them, you'll find an answer and detailed instructions, if needed.

Account and password recovery

LastPass Password recovery is not as self-explanatory as it may sound. Actually, LastPass doesn’t know your master password, therefore it cannot send it to you. While this may cause difficulties accessing your vault, the main purpose of keeping your password completely private is protecting you against online fraudsters.

When facing problems accessing your account, try the following steps:

  1. Take advantage of a password hint that you set up when creating your account. The hint is not the password itself, but it can help you remember your master password. Even though creating a hint is not mandatory, we highly recommend doing so as it may help to recover your LastPass account.
  2. Go to LastPass Account Recovery page on their website. Here you can activate your local One Time Password. With it, account recovery may be possible. Something to keep in mind is that recovering your account with a one time password is only possible on desktop devices.
  3. Try accessing your account through the LastPass website and through the browser add-on. If you can login via only one of them, the LastPass browser add-on may be the one to blame. In such a case, clear your browser cache, and contact LastPass customer support.

If the above-mentioned tips don’t work for you, you may have lost access to your LastPass account for good. Recovering the password is not an easy task with this password manager.

Most common LastPass issues

So, what are some of LastPass' shortcomings and how can you fix them?

While some users have trouble configuring multi-factor authentication or importing their passwords from browsers and other password managers, there are two most common issues that LastPass users run into.

The first one involves setting up the Chrome extension and the other is about making autofill work. Below are the solutions to these two LastPass problems.

LastPass Chrome extension not working

There are a few options to try if your LastPass Chrome extension is not working:

  1. Reinstall or update your Chrome extension. To do that, go to the LastPass website, and download the latest version of Chrome extension.
  2. If the extension is listed, but not enabled, enable it. To do that, go to chrome://extensions in your Chrome address bar.
  3. If LastPass is hidden from your browser, reveal it. To do that, click the Customize Toolbar icon, then right-click the LastPass icon, and select Show in toolbar.

LastPass autofill not working

If your LastPass autofill is not working, you may need to enable it in your Preferences. To do that, follow these steps:

  1. Go to your browser, and click on the inactive LastPass icon.
  2. Provide your username and master password.
  3. Click Log In. You should now see an enabled LastPass icon that is now in red.
  4. Go to Account Options > Extension Preferences.
  5. Enable Automatically Fill Login Information.
  6. To confirm, click Save.

Best alternatives to LastPass

Overall, LastPass is a go-to password manager when you need a high-quality product that is free. However, if for some reason it doesn’t tick all the right boxes for you, find some reliable alternatives to this product.

NordPass

Whether you're looking for a service to securely store or sync your credentials across devices, NordPass ticks all the boxes. Your vault is protected with military-grade encryption, so no one will be able to just sift through your passwords. Yet, the versatility of this tool means that you'll be able to access the same vault on any device of your choice. Leave iOS-macOS limitations behind.

There are more nice extras like OCR scanning for IDs, so you won't have to type in that data on your browser. Then, there's a Data Breach scanner that alerts you if your password ends up in a leak. This is a full suite aimed at protecting your credentials and everything in-between.

Read more: NordPass review

Dashlane

Dashlane will be easy to use password manager even if IT proficiency isn't your second nature. It also has a completely free version, just like LastPass (both are fierce competitors, read our Dashlane vs. Lastpass comparison to find out more).

There's two-factor authentication that supports multiple confirmation methods. Whether's you want to use a mobile app with time-generated codes or biometric data, you can set it up to your preferences. The vault is encrypted by military-grade encryption, so no one is going in there.

Read more: Dashlane review

Find out more alternatives to LastPass from this guide.

Bottom line

LastPass is one of the most widely used password managers available on the market today. Security is one of its main appeals. The tool uses AES-256 encryption, the golden standard of the industry. It also offers two-factor authentication and multi-factor authentication, which makes the app as secure as you want it to be.

There are also out-of-the-box features that include One-Time Passwords and the possibility to restrict the app’s usage in different countries. Meanwhile, Credit Monitoring will let you know if your credit report suddenly changes. These and other features will let you feel completely safe.

Even if you decide to stick with a free version, you get more than enough features to keep your usernames and passwords well protected. If you decide to upgrade, your options expand even further, as described in this LastPass review.

Visit the LastPass Website

More password manager reviews from CyberNews

Zoho Vault review: great password management solution for multiple users

1Password vs. LastPass: how do these password managers compare?

Bitwarden review: password manager both for personal use and organizations

FAQ

Is LastPass safe to use?

LastPass is safe because it uses the AES 256-bit cipher to encrypt your passwords. Passwords reach their servers only in an encrypted form. It ensures that even if hackers managed to breach the server, your data would still be safe. It’s impossible to reverse engineer it to retrieve your master password. LastPass employees, too, cannot see the password that you’re uploading to the cloud.

Visit LastPass to find out more.

Is LastPass trustworthy?

Yes, LastPass is a trustworthy company, and they have fixed most of the security flaws in their product. So, as long as you don’t reuse your passwords and follow the best practices when creating passwords, you should be in the clear. Considering that you can set up multi-factor authentication, it adds a layer of protection.

What happens when your LastPass free trial expires?

You can try LastPass Premium for free. When your trial or subscription expires, your account will convert to a regular Free version. Once that happens, you will not be able to continue using premium features. However, you will not lose your data, and you will be able to continue using it.

Why use LastPass?

LastPass makes password management considerably easier, from generating safer passwords to storing them in a vault. Using unique passwords for every account is cumbersome, and insecure passwords are one of the data pieces that are most common to leak in cases of data breaches.

Who owns LastPass?

LastPass is owned by LogMeIn, an American company located in Boston, MA. Last year, Francisco Partners and Evergreen Coast Capital, the affiliates of Elliot Management Corporation, bought the company. The deal was closed this year and was worth around $4.3 billion.

Comments

Kerry Van Iseghem
Kerry Van Iseghem
prefix 8 months ago
I am trying to use LastPass but I cannot login to my account with the username (email) and my master password. If you can’t login you cannot access support. I find sites that have zero real support useless. I found their support phone number and every option you can use sends you to an automated response telling you to go to their site for support = but if you can’t login that is impossible. Perfect example why their support is useless and therefore their product is too.
MaxiNeo01
MaxiNeo01
prefix 1 year ago
I am mainly using LastPass on my computer as that’s where I get most of my work done. So I thought I’d an extra layer of security with the help of my phone. Could you tell me how to add lastpass to google authenticator? Because I can’t seem to figure this stuff out.
CyberNews Team
CyberNews Team
prefix 1 year ago
Hi, you’ll find the most up to date info on their customer support website, here: https://support.logmeininc.com/lastpass/help/google-authenticator-lp030015
Kentros
Kentros
prefix 1 year ago
How do I start sharing credentials to other lastpass users in a secure way? Me and some colleagues have our own lastpass accounts and sometimes we need to share accounts or other sensitive data. But I’m just not sure if our current methods are as secure as we think. Would love to hear some tips from everyone here.
CyberNews Team
CyberNews Team
prefix 1 year ago
Hi, if you want to share a password, you’ll have to go to your vault, select the entry you want to share, and click the “Share” icon. Then, enter the email address, and that’s it.
Keep in mind that one-to-many sharing is a premium feature.
Roland Turner
Roland Turner
prefix 1 year ago
hello. how can i put lastpass on more than 1 device? I try to log in on my phone but later I notice that I’m logged out from my computer. Is this intentional?
CyberNews Team
CyberNews Team
prefix 1 year ago
Hi Roland, this isn’t normal. If your active session expires too quickly, you may have enabled an automatic log out setting. You should check if it’s toggled on and turn it off.
Joel
Joel
prefix 1 year ago
Is it possible to change all passwords at once on lastpass? I’m not trying to make myself more vulnerable by making my passwords the same all across the board, just between similar services that don’t have any sensitive data.
CyberNews Team
CyberNews Team
prefix 1 year ago
Hello Joel, you can automatically change up to 75 passwords at once. That way, you won’t have to go through each website manually to change the password into a more secure one.
Justine Bohn
Justine Bohn
prefix 1 year ago
hello i am using both lastpass and yubikey at the moment and i am in a bit of a predicament. overall they’ve been great while I was working normally but now with all the quarantines and restrictions the inconvenience is a bit too much when working from home. so with lastpass how to remove yubikey? thank you for your assistance!
CyberNews Team
CyberNews Team
prefix 1 year ago
Hello Justine, if you need to remove YubiKey, you’ll have to go here: https://lastpass.com/lostkey.php and follow the instructions.
CooledTight
CooledTight
prefix 1 year ago
Hey, I’m a bit confused right now. How do i find out which version of lastpass i have? And are there any risks if I’m using an outdated version of a password manager? I’m having a hard time imagining how hackers could access my passwords if I’m using 2FA and a strong password for my vault.
CyberNews Team
CyberNews Team
prefix 1 year ago
Hi, you are right – 2FA does prevent you from exposing your password. LastPass vaults weren’t hacked, their browser extension was buggy and exposed user’s data. Currently, all the versions that you’ll download are all patched up.
Dennis Hopper
Dennis Hopper
prefix 1 year ago
Yo, nice review! I’ve been using the free version of Lastpass for the past few months now and I gotta say it’s pretty dope. But is Lastpass free forever? I mean if it is then I totally recommend to everyone to try out. Heck it’s so good I might just buy the premium version too. I wish more companies would go with this type of monetization plan.
CyberNews Team
CyberNews Team
prefix 1 year ago
Hi, Dennis. We can’t say whether the password manager will stay free forever. LastPass is a business. They may be acquired by another company or go bankrupt. However, for the time being, they claim that they will keep their password manager free forever.
Rozbate
Rozbate
prefix 1 year ago
I’ve been using this password manager for weeks and still can’t figure out how to add a folder in lastpass! It’s like the more passwords I add the bigger mess I’m getting into. Still not sure if it’s possible or not. I’ve been looking online everywhere with no end in sight. Please help me figure out this riddle.
CyberNews Team
CyberNews Team
prefix 1 year ago
Hi, if you want to add a folder, you should just click the Add icon I the bottom corner and select New Folder. You can also create a folder within a folder that way, too
JerryM
JerryM
prefix 1 year ago
is it possible to import lastpass into keepass? I’ve been using lastpass for quite a while, but I decided that I don’t really need all of their functionality, some basic password storage is all I need. which is why i chose keepass – it’s free and seems easy to use, but I’m too lazy to manualy type out everything from my old platform to the new one.
CyberNews Team
CyberNews Team
prefix 1 year ago
Hi, Jerry. You can export your vault in CSV format. Then, once you’re logged in to your KeePass vault, you’ll need to import the CSM file that you exported, so you’ll skip all the manual typing.
Leave a Reply

Your email address will not be published. Required fields are marked