Disclaimer: this article includes affiliate links. When you make a purchase through one of our links, we may receive commissions.
- LastPass Password Manager Review
- Why Use a Password Manager?
- Which Do I Choose?
- How it Works
- LastPass Browser Extension
- Desktop and Mobile
- The Vault
- Security Algorithms and Encryption
- Multifactor Authentication
- Other Premium Benefits
- You Need a Password manager
In this post we are going to cover:
Plus more... Read on to learn everything you need to know about LastPass.
LastPass Password Manager Review
LastPass is a popular password manager, available as a browser plugin as well as a standalone app for smartphones, tablets, and PCs. It comes in both free and Premium versions and is also available for families, teams, and enterprises. With a robust suite of products, it seems like there is probably a LastPass version for everyone – but how do you know which one to choose?
The first step in narrowing that down may be asking, “do I need a password manager?” The answer to that question is almost certainly “yes” – and if you haven’t given it any thought until now, you probably should be. With cybertheft and data breaches on the rise, it’s more important than ever for users to protect their personal data.
There are millions of devices online and connected to the internet around the world, and users have an average of 200 online accounts. Those items combine to create a lot of passwords to remember. One way some people get around that is to use the same password, or a variation of the same password, on all sites. That’s a terrible idea, though – hackers who access a password will then be able to access numerous accounts using that password. One of the first rules of internet security is never to reuse the same password.
This is where a password manager comes in.
Why Use a Password Manager?
Password managers eliminate the need to remember hundreds of passwords or to keep a piece of paper somewhere with all passwords written down – which then get scribbled out whenever a password update is required. Password managers essentially provide access to secure online vaults that house all the user’s information – passwords, payment information, and more, all protected by one master password. This way, you only have to keep track of one password rather than hundreds. The case for using a password manager is fairly straightforward – you should do it. So then, the real question becomes, which one do I use, and which version of the one I choose do I need?
Which Do I Choose?
We hope to help you narrow down the field a bit with LastPass review. It is available in a free version, as well as a Premium version for $36 a year (LastPass advertises it as $3 a month, but it is billed on an annual basis). A Families version is also available for $4 a month (billed at $48 per year) that offers 6 individual LastPass licenses, where each family member with a license has access to unlimited shared folders with others on the same account. LastPass Families offers all the features and tools of a Premium account.
The differences get a little confusing, so let’s start by looking at how exactly LastPass works and what features it offers. We’ll note what is included with the free version, and what comes with a paid Premium and/or Families version.
How it Works
The key to LastPass’s functionality is the Master Password. As mentioned previously, having a vault secured with a single password makes life much easier than having to remember numerous passwords. The Master Password is the key to the LastPass Vault, where all the other passwords, as well as other data and information of your choosing, is housed. You can access that vault in a few ways – either online through a browser extension, on your smartphone or tablet, or, for Premium users, on a Windows desktop. The data can then be filled into a form automatically, or you can copy and paste it for access wherever you need it. Each of these methods of access is incredibly useful in and of itself.
LastPass Browser Extension
The LastPass password browser extension is, in many ways, the backbone of LastPass, as most users need to fill in password information when they’re online surfing the web. It is available on most browsers and platforms – it includes not only Windows and Mac, but Linux as well, available in Google Chrome, Firefox, and Opera for all three platforms. For Mac, it is also available on Safari, and it is available for Mac and Windows in the new, Chromium-based Microsoft Edge. For Windows, it also covers legacy versions of Internet Explorer and Microsoft Edge.
For most browsers, the extension can be installed through the browser’s Extension or Add-On gallery, but they are also available directly from LastPass’s account manager site. It’s up to you which you choose – most Chrome users, for example, are pretty accustomed to navigating the Extensions gallery, while the navigation in other browsers may not be as clear. However, if you install directly from your LastPass Account Manager, LastPass eliminates confusion by recognizing the browsers installed on your computer and offering a link to the browser extension for each. It’s a nice touch that simplifies things even further.
The end result of the browser extension installation is a menu item in the browser bar that allows you to fill passwords, payment information, and other information with data from the vault. You can do this either by clicking on the LastPass icon in the browser bar or on a LastPass icon that will appear within the forms themselves.
Info: There does seem to be some variation in how well LastPass integrates with each browser and how well it works on different sites. In our tests, we found that LastPass did not always autofill forms, and in some cases, it was necessary to copy and paste the username and password.
LastPass fills more than passwords, too. One of its best features is its ability to store credit card payment information, bank account and routing numbers, addresses and more, and have forms automatically filled when signing up for an event or checking out in an online shopping cart. With one click, you can save yourself the hassle of typing the same information over and over or scrolling through endless dropdown menus. (As with the password information, certain sites seem to work better than others, but the copy/paste option is always available from the menu bar as well.)
Desktop and Mobile
Also available are desktop and mobile apps. The mobile apps are available for smartphones and tablets on both Apple iOS and Android and are included with the free version. The Premium version of LastPass includes LastPass for Applications. This works on Windows machines, and enables autofill for applications, as well as allowing you to launch the applications directly from the tray icon. For Windows users, this alone makes the Premium version of LastPass worthwhile, as it’s a smooth experience and simplifies a lot of activities that might otherwise involve a lot of hunting for passwords – for example, you’ve changed your Gmail password and need to re-enter it in the desktop version of Outlook as well.
Info: LastPass recently discontinued its Mac desktop app in favor of a web-based application that integrates with the browser, noting changes Apple made in Safari as the reason for doing so. While the Mac application works, in our tests, we found ourselves simply heading to the vault in the browser – the experience was not nearly as smooth as in the Windows application, which by itself is worth the price of LastPass Premium.
No matter what platform or method you use to access it, though, all roads in LastPass lead back to the vault. Just as it sounds, the vault is where LastPass stores all your valuable information. It holds passwords, notes, bank cards, bank account information, and more.
With the Premium version of LastPass, you get up to 1GB of secure document storage for items like driver’s licenses, passports, and other critical documents. This is a great extra for Premium users, as it’s a secure storage location for these types of documents that you’ll want to keep track of – often when filling out loan applications, for example, you’ll need a copy of your driver’s license. It’s great to have a copy of it on hand and not have to scan and save it every time – but you don’t want to leave that kind of personally identifiable information in an unsecured cloud storage location.
Security Algorithms and Encryption
Files stored in the vault, along with the passwords and notes, are encrypted. LastPass implements AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes, which ensures security in the cloud. The master password generates a unique encryption key to access the vault.
Info: LastPass makes a point of emphasizing the fact that the data stored in your vault is kept secret. The keys used to encrypt and decrypt data, which are generated by your master password, are never sent to LastPass’s servers or accessible by LastPass.
One of the best and most critical features LastPass offers is multifactor authentication. This is an additional layer of security that requires a second step before you can access your account. Multifactor authentication is recommended by most security experts today, as even the best and most complex password is subject to hacking or theft. Enabling multifactor authentication helps protect your LastPass account, and all that valuable data in the vault, from hackers, data breaches, keyloggers, and other threats.
To enable multifactor authentication, simply go into the Account Settings menu and choose the Multifactor Options tab. Here you’ll see a list of available options. For free users, the choices are the LastPass Authenticator, Google Authenticator, Microsoft Authenticator, Toopher, Duo Security, Transakt, and a grid authenticator. With the exception of the grid method, these options send push notifications to your smartphone, either allowing you to accept or reject the login or generating a one-time code that you can then enter into LastPass. Grid multifactor authentication is for those who don’t want to use their phones or other mobile devices – these users can print a sheet of paper that is used to look up specific matching values provided by LastPass when logging in.
The Premium version of LastPass adds two important options for multifactor authentication. One of those is the use of Yubico’s Yubikey. Designed as an extra-secure authentication option, the Yubikey is a small, unhackable device that can be used by inserting it in a computer or through NFC technology on a phone. It allows an extra level of flexibility and security for Premium users.
All Yubikeys Compared
- Best for Mac users
- USB-C connector
- You can save $20 if you don't need the lightning connector
- Best for non-LastPass users
- Budget version of the 5 NFC
- Best for users who can’t spend much
- Best for federal workers and contractors
- Meet the highest authenticator assurance level from the latest FIPS guidance
- Is available in all versions that the YubiKey is
The other multifactor authentication method available to LastPass Premium users is fingerprint/smart card authentication. Providing support for Windows Biometric Framework as well as some other fingerprint readers, enabling this will allow you to use your fingerprint to log into your vault, rather than entering the master password.
LastPass makes a point of noting that this works for password reprompts as well, which can save a lot of time, as it’s a good security practice to require re-entry of the master password to gain access to certain areas in the vault, like credit card information.
Other Premium Benefits
We’ve noted a few differences between the free and Premium versions of LastPass – most notably the Windows desktop app (called LastPass for Applications) and the 1GB of secure document storage. Other benefits include one-to-many sharing, which makes it easy to share one secure item with a group of people (the free version offers sharing items with just one other person).
Emergency access is also a Premium feature – you can designate the email address of a trusted person to get access to your vault. The contact must request access, which you can decline within a specified waiting period – for instance, my emergency contact can request access, and if I don’t decline it within a three-hour window, he will then be able to add my vault to his LastPass account. This is an essential feature, as the need to handle digital life – passwords and such – after death has become increasingly more critical in this digital age.
Finally, Premium users get access to priority tech support – support inquiries from Premium and Family members go to the top of the queue.
You Need a Password manager
If you weren’t convinced before, hopefully you now realize you definitely need a password manager, and you simply need to decide which one. We can certainly recommend LastPass – it’s simple to use, intuitive, and its security features make it a solid choice. When deciding between the free and Premium version, it’s a matter of which features are important – for Windows users, we’d say the LastPass for Applications feature alone makes it a no-brainer. However, even if you’re on a Mac, the Emergency Access feature is a compelling enough reason to pay for the Premium version. The 1GB of secure storage and additional multifactor authentication options are bonuses; the price for Premium is low enough that any one of these would make it worthwhile.
The field of password managers is broad and we hope we’ve helped you narrow it down with this password manager review. Bottom line: LastPass is one of the best-known names in the password manager field and the Premium version is an excellent choice for almost anyone.
What is password management?
Password management is a set of principles and best practices for users while storing and managing passwords in an efficient manner to secure passwords in order to prevent unauthorized access.
Why is password management important?
Password manager helps to protect your passwords by using a different random password for every account — at least once you’ve replaced all your old re-used passwords.
How to choose a password manager?
You need to look for a few characteristics when choosing a password manager: a random password generator, a secure password-protected “vault”, end-to-end encrypted, under active development, audited by independent researchers. should support extensions for well-used browsers.
Are password managers really safe?
Password managers encourage users to practice good security principle: unique, long and complex password.
What if my password manager gets hacked?
If hackers get all the data the password manager has, they’d still have to try every possible password for your data to see if it works, since the hackers see only a bunch of scrambled passwords.