LastPass is chock-full with features, pretty affordable (with the Families plan) and is very pleasant to use. They're easily one of the best password managers we've reviewed... except that they come with some pretty serious drawbacks. Learn more.
August 06, 2020•
If you’re about to purchase a LastPass account for yourself or your family, you might want to hold on for a minute till you’ve read this review.
We’re researching a list of password managers for our best password managers series, and because of that we dove deep into LastPass Password Manager, testing out every feature they have and listing out their pros & cons. We’ve also written down what we liked, what we didn’t, and generally whether or not LastPass is a must buy in our books.
But first, here are a few things about LastPass to get you acquainted with the password manager.
Pros of LastPass
Cons of LastPass
LastPass Plan & Pricing
How LastPass Performs Against Competiton
Out of all the password managers we’ve researched, LastPass has possibly the most colourful history as far as password managers go.
According to their own website, LastPass was founded by 4 like-minded friends in all the way in 2008, subtly telling their audience that they’ve got more than 10 years of experience in the password security industry.
The company wasted no time since its formation because in 2010, they made a move to acquire Xmarks, a browser extension that enabled password syncing between browsers. LastPass seems to have discontinued service for Xmarks since 2018, but I think it’s pretty apparent that they’ve integrated Xmarks’ tech into their password manager program, which now allows password syncing across multiple devices.
In 2015, LastPass was acquired by LogMeIn for $125 million, an SAAS giant with a very impressive list of SaaS brands under their belt, such as GoToWebinar, Jive, RemotelyAnywhere and Bold360.
The move was a very controversial one with LastPass users throwing a fit over the acquisition, as LogMeIn isn’t exactly known to be the most ethical company.
Can’t disagree with them though. This writer has personally used products from LogMeIn before, and to say that the experience has left a sour taste in my mouth would be an understatement.
Anyway, before we bore you to death with their history, we’re gonna move on to what we discovered about LastPass.
Is it a kickass password manager or does it suck to high heavens?
Read on to find out!
A software’s UI can potentially make or break the program. A UI that provides a good user experience can make a poorly made app seem good, while nobody will bat an eyelid at an awesome app with a sh*tty UI.
We were pleased to find that LastPass UI is actually quite pleasant on the eyes!
As the program loads up in your browser, you’ll be welcomed with a red top bar that’s unmistakably part of the LastPass branding, with a pleasant neutral greyish background.
The layout is intuitive and navigational links are clearly labelled, so you won’t have trouble at all going where you need to be.
The software is uber user-friendly yet snappy (when it works that is – we’ll talk more about the problems we encountered later on), and most people won’t have an issue learning how to go about using the program.
Kudos to LastPass’s UI & UX team, you guys did a great job!
Although using LastPass is relatively easy, not everybody is accustomed to using a computer, and might be intimidated by all the features.
LastPass recognizes this as an issue, and has created a very friendly vault tour to make the program more accessible to those that are inexperienced with computers.
The tour brings you through all the features of the software and works like a little tutorial, guiding you through all the little things you’re able to do.
I highly suggest everyone go through the vault tour just to have a little look around. Who knows, you might discover nifty little features that might otherwise not be as obvious, even for those that are comfortable around a computer.
If for any reason you feel that the vault tour is insufficient as a tutorial, don’t fret – LastPass has already prepared a tutorial page filled to the brim with guided videos for those of you that prefer watching over reading.
Now what on earth is the LastPass Security Challenge, you ask?
Well my dear friend, you’re about to get educated.
LastPass Security Challenge basically analyzes ALL of the passwords in your vault, to see whether or not the passwords you’re currently using was compromised sometime in the past.
If LastPass detects that any of your passwords is duplicated, weak, compromised or even old, the program will send you an email with all the relevant details you need to make changes to the affected passwords.
Don’t panic when you see the results – due to multiple data leaks by plenty of major corporations in the last decade, one or two of your passwords are likely compromised, and it’s not the end of the world.
All you’ll need to do is just simply log into the offending website and change your passwords (preferably with LastPass’s password generator) and you’re all set!
Needless to say, we were very pleased with this feature!
Everyone knows that creating a completely random password is the best measure of security you can use to protect your data online.
It’s not all that hard to do either! You can:
Thing is, with almost every specialised site needing some sort of sign-in, it’s really impossible to generate a random password by yourself every time and remember it the next time you need to use it.
Furthermore, you’re likely gonna be asked to update that password in a year or two, which makes it more trouble than it’s usually worth.
Hence, a lot of people I know use easy-to-remember passwords like Hello123 or password1234, or variations of the sort. They also tend to use the same passwords for multiple sites to make it easy to remember.
The issue here is that you never know how ethical or how secure the sites you’re signing in on really are!
Once one password is leaked, ALL your other accounts with the same passwords will be compromised as well, and updating those will just be a pain (trust me, I’ve been through this).
That’s why we love LastPass’s password generator, it’s embedded as part of the LastPass extension in Chrome, so generating a random password is never more than 3 clicks away.
The password generator offers 3 password types to be generated – “Easy to say”, “Easy to read”, and “All characters”, which is completely random.
You can even adjust how many characters you want the new password to be, with capitalization, numbers and symbol options.
We highly recommend using the “All Characters” option, since you’re already using LastPass. A complete random password like n$Yyta7lUJ01 is harder to crack, and since you’ll already have a kick-ass Password Manager, why not use it and have the most secure passwords possible?
Access the password generator by:
And that’s that! You have a brand new, randomly generated password.
LastPass is no stranger to leaks and security breaches.
They’ve had security incidents from 2011 all the way to 2019, but the most controversial one has to be the security breach from 2015.
During the breach, email addresses, password reminders and authentication hashes were compromised, but the encrypted user vault information and data managed to remain secure.
You see, LastPass utilizes Zero-Knowledge Encryption, which means that the data you store in the vault is viewable only to you – even the staff in LastPass won’t be able to read it, even if they wanted to.
This ensures that even if their servers are breached, the data thieves won’t be able to read your data, as you’re the only one with the master key to your personal vault.
LastPass also utilizes military-grade AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to ensure that the data in your vault stays completely secure in the cloud
Multifactor authentication is also available should you want an extra layer of security. People generally consider this as a hassle, but passwords alone are no longer effective for online security.
To enable multifactor authentication, open your LastPass vault and click the settings button.
Select “Multifactor Options” in the pop up window, and you’ll be greeted with a list of free multitracker options available.
You’re free to select whichever authenticator you prefer, but we went with the LastPass authenticator.
Hit the little pencil icon in the far right of the pop-up and change the “Enabled” value to “Yes” and hit “Update”.
After that, all you have to do is follow the instructions on screen, and you’ll have set up multifactor authentication, keeping your data as safe as it possibly can be.
LastPass is able to sync across all of the devices you’re using, so if you add a new password from your desktop, all of your devices with LastPass installed will also be updated.
The app for mobile devices has ramped up security, as the company is aware that it’s much easier to physically take someone’s phone and access their private data, especially with a password manager installed.
To counter this issue, LastPass has implemented biometric security, ensuring that only the thumbprint registered with the phone is able to unlock the app and access its data.
It has also disabled native screen grabbing so that no one can swipe the phone away from you while it’s unlocked, grab a screenshot and send it to themselves.
The app works beautifully, remembering passwords to other apps and web browsers as well, which in turn provides us with a seamless browsing experience.
Needless to say, we were more than happy with it!
So we’ve tried a lot of password managers and the one thing that really annoys us is that most password managers do not have the ability to log in to banking portals.
Banking portals usually use more complicated login systems to ensure that the person logging in really IS the person who is supposed to log in. These systems usually don’t work with password managers.
We were pleased to find that LastPass somehow manages to work with those systems! At first we thought it was a fluke, and it only worked with one particular bank. Then we tried it with 2 other banking portals, and it still works!
Aside from that, LastPass has other features related to banking that’s pretty darn interesting in my opinion.
First up, they’ve got plenty of categories to store your details.
Whatever important details you want on you, like your insurance policy, WiFi password, or even your gym membership number can be stored with LastPass. You can even create a new custom item if you wish.
Diving deeper into this, we found that LastPass also allows you to store your credit card numbers and banking details!
Once you’ve entered your banking or payment (credit card) details into LastPass, the program will autofill the blanks for you when you shop online, so you don’t have to manually key in your address or credit card number, ever again!
This feature is super convenient because it syncs to all our devices, meaning we can also shop online via our phones and have our details automatically added after a quick biometric scan, making things faster and more accessible to us.
Now that we’ve experienced features like these, I have no idea how we’re gonna go back to life without it.
Few things in life annoy me, hence I consider myself to be a patient man. But as good as LastPass is, a few of the things they do really makes me want to punch someone in the face.
To be more accurate, when we started up LastPass there wasn’t a prompt anywhere at all for us to import our existing database from other password managers or browsers.
We spent a frustrating amount of time trying to figure out why we couldn’t import databases, only to find that there is no automatic way to do it, hence we had to do it manually.
Since it turned out to be more complicated than expected, we’ll show you how to do it to make life a little easier for you.
First, open up the LastPass extension and go to “Account Options”.
Hit “Advanced” – “Import” – “Others”.
You should be welcomed by LastPass’s import interface. Select “Generic CSV File”.
You should then see a box labelled “Content”.
Next, head back out to your OS and locate the CSV file downloaded from Chrome or other password managers (Google should be able to tell you how to do this).
Once you’ve located the CSV file, right-click and open with Notepad.
You should see your database in Notepad now. Hit “Ctrl + A” to select all, then copy that data.
Head back to the LastPass tab, and paste that database data into the “Content” box, as seen below.
Hit “Upload”, then you’re done.
It’s a highly secure way to import databases yes, but quite troublesome. We do wish LastPass would automate this process.
Now, if I was in a rush, I’d be downright pissed. As a password manager SaaS, having users unable to log into your systems is a huge nono.
If I had to urgently send an email and I can’t because I depended on LastPass, I’d have potentially lost some serious business.
I don’t know if this is common or if it’s the connection on my end, but to me, this is just downright unacceptable.
When I discovered that LastPass was bought over by LogMeIn, I was immediately turned off as my previous experiences with LogMeIn left a really sour taste in my mouth.
Long story short, when I needed to contact support with LogMeIn, they couldn’t be found. Like, a support button literally couldn’t be found anywhere!
I hoped that this wasn’t the case with LastPass, but alas, we were faced with the same situation.
Maybe there’s a hidden button somewhere to contact live support, but I couldn’t find it.
The potential problem here is not just if we encounter problems with LastPass, but how are we going to cancel our accounts in the future if we can’t contact support?
A sobering thought isn’t it?
LastPass has 3 plans to suit the needs of all sorts of users.
LastPass Free plan has all the same features as the Premium plan, except emergency access and 1GB encrypted file storage.
The Premium plan apparently has priority tech support, but like we mentioned earlier, we couldn’t find access to support at all, so we don’t know how relevant it is here.
The Families plan allows up to 6 users and unlimited shared folders, providing you with so much more value over the premium version.
Personally, I would suggest going with the Families plan as it costs just 1 dollar more than the Premium plan. You can then gift the account to your friends or family if you’re feeling generous, or get them to chip in to bring down the cost!
A thorough review isn’t exactly thorough if we don’t pit LastPass against some of their competitors out there.
Here, we’ll share with you our thoughts and feelings about LastPass against some of the big boys in password management.
We’re pretty sure you’re familiar with Google Password Manager (GPM) since it comes preinstalled with Chrome, so we’re gonna show you how much of a difference it is using LastPass vs GPM.
LastPass is a damn good password manager. It does everything it’s supposed to do and more.
The UI is intuitive, easy on the eyes and runs like a dream. They use cutting edge security features which provides us with the confidence we need to keep our passwords secured.
The ability to sync all our passwords across multiple devices is very welcomed and makes life so convenient for us. The inclusion of an awesome password generator is also pretty life-changing – no more struggling to come up with passwords.
However, LastPass does have their fair share of problems that frustrate as equally as the advantages delight.
With no automatic database importing (and no prompt to tell us how to do it properly) we had to muck around and figure things out ourselves, which took us much longer than we’d like.
And then there’s the issue of the system being down and the case of missing live chat.
These are things that we find unacceptable, but LastPass has introduced features we now can’t seem to live without, so that kinda cancels out their disadvantages.
It feels like we’re taking 2 steps forward and one step back with LastPass, but bear in mind – 2 steps forward and 1 step back, is still 1 step forward.
To wrap it all up, LastPass is truly one of the better password managers we’ve had the pleasure of reviewing. The only problems are that their problems ARE serious, but not unfixable. If you can live with their issues, then LastPass comes highly recommended.