- Logical interface
- Automated password categorization
- Advanced mobile version
- Various two-factor authentication options
- Cheap premium plan
- Business plans available
- No desktop app (web-only)
- Import/export of existing passwords
- No money back guarantee
Nowadays a data breach is the worst possible thing that could happen to most of us, especially if the same password is used for a number of different sites. But on the other hand, keeping long, complex and totally unique passwords ready to recall in our minds is a challenging solution. This is why password managers exist, but these days they need to do so much more than simply store our passwords.
Although LastPass looks basic compared to its competitors, the simple facade hides a great program. Whether you use this solution for free or opt for the ridiculously cheap premium subscription, LastPass has provided a password manager that can not only organize your credentials, but also evaluate, replace and monitor all your passwords. On top of that LastPass provides a fantastic mobile application, advanced two-factor authentication options, and bank-level encryption on every device connected to the LastPass network. It’s a simple and straightforward solution for keeping all your passwords and other credentials safe.
Keep in mind that LastPass is entirely web-based, even if launched from your computer’s desktop. In other words, this password manager will always open up in your default browser and – as an unexpected advantage – translate to the browser’s default language. The minimalist yet logical design will immediately catch the eye, with attention being focused the so-called vault and therefore any stored passwords – hence why features like the import/export and the password generator mostly stay hidden. Interestingly, LastPass is able to categorize imported sites without human interference, making the search for a specific password even easier – though of course alphabetical organization is also available.
As for passwords, which can be imported manually or via an automatic prompt, multiple actions can be performed on them. They can simply be edited to your liking, moved to the preset password folders, copied, deleted or even shared with others. The above actions can also be performed in bulk, which comes in handy when you want to categorize multiple passwords at the same time or delete them with a single click.
Creating and storing other credentials, especially secure notes, is pretty easy as well: there are multiple templates for keeping other important information on your account, but LastPass also provides the option to create a template for yourself. Meanwhile forms can be filled out with virtually any detail you wish, from simple entries such as your name, address and contact details to even credit card and bank account details or even custom created fields.
However, it’s in the additional features where LastPass truly shines: most importantly is the “Sharing Center”, where entire folders can be created for files to be shared securely with any trusted person. There is also an option for so-called Emergency Access, which entitles a trusted party to access your account until a personally allotted amount of time has expired. And last but not least there is Security Challenge, LastPass’s own password evaluation tool that not only shows the strength of each of your passwords, but even warns you if a site you are registered with has been compromised.
Apps and Browser Extensions
The browser extension – which is compatible with Microsoft Edge – is nothing special, but it is mandatory if you want to unlock all features of LastPass and access your password vault. By default the add-on can display all credentials saved in your account, generate a strong password and even import or export password and other data. But every time you want to modify something regarding these credentials the software immediately redirects to the vault – with the exception of new account details, which can be edited once LastPass prompts to save them.
The mobile app is an entirely different deal – and not just because it is surprisingly available for Windows phones as well as the typical iOS and Android platforms. The huge difference between the app and the browser version is that despite an even more minimalist design the app still manages to include even more smart features – key among them being the inclusion of a password generator in the drop down menu. The app also provides a secure mobile browser that automatically imports your login credentials once prompted by LastPass. However, the app does not serve as part of the two-factor authentication process – but thankfully there is a separate app for that created by the company.
Setting up an account is extremely easy with LastPass and access to your vault is immediate without the need to download a desktop version or the add-ons for the software. This desktop version is basically an icon that launches a new window in your default browser and directs to your LastPass vault. However, if you don’t want to install the LastPass extension to every browser you use – which, unfortunately, cannot be avoided in the case of Mozilla’s Firefox – downloading the installer is highly recommended. This way existing account credentials can be easily retrieved and imported into the LastPass vault.
Importing from other password managers or exporting any LastPass data is quite the challenge. Exporting in particular isn’t handled normally: although LastPass promises to export in CSV format, it just opens another browser tab with all your data displayed without proper encryption and waiting to be copied and pasted somewhere else. The same dubious method is also present for importing: LastPass requires your existing credentials to be exported as simple text (TXT), then it’s a case of pasting that text to a relevant box. However, the funny thing is that in spite of this ridiculous – and downright unsafe – method, LastPass still manages to categorize the new data in the same intelligent manner it does when it imports credentials from browsers.
Security and Privacy
Although the company was involved in many security breaches over the years, LastPass does everything in its possession to keep your data safe. The fact that all passwords are encrypted on the device with military grade AES-256 encryption – with PBKDF2 SHA-256 and salted hashes added to the mix – ensures that all data entering LastPass’s cloud storage can only be interpreted by you or the party you share your credentials with. All passwords stored in your account can be evaluated and a warning is displayed should any site you use become compromised. Additionally, the password generator is also available online, meaning that even your master password can be created with LastPass.
LastPass also provides the option to use 13 different two-factor authentication software and apps, including LastPass Authenticator. There are benefits to using this app, however, and not simply for convenience. LastPass Authenticator is capable of generating 6-digit codes or SMS messages, but it also possesses a simplified login screen – where you only need to tap on a green tick to log into your account – and it can add any device you wish to the trusted devices list.
Regardless of the unique features available, it is LastPass’s pricing policy why this password manager should be considered a jackpot. Unlike its competitors even the free version provides everything needed: data syncing across devices, password sharing, a password generator, secure notes, and two-factor authentication. Upgrading to Premium for just $24 per year ($2 per month) then unlocks data sharing to multiple parties, advanced two-factor authentication options, emergency access, LastPass for certain offline apps, 1GB of encrypted storage, and priority tech support.
Interestingly LastPass provides a separate service for business users: the only differences – aside from a 14-day free trial – are that Teams ($2.42 per month per user) offers unlimited shared folders and easier user management, while Enterprise ($4 per month per user) adds directory integration, cloud app provisioning and API support into the mix.
What’s more interesting, however, is how easily regular users can temporarily upgrade to premium: either by subscribing via a recommendation – which entitles you to a one-month premium subscription – or by receiving said subscription as a gift.
At first the customer service of LastPass doesn’t seem too ideal, since it lacks phone or live chat contact and – this is the most disturbing – there are no details on what kind of payment methods are accepted. However, all the other support options are top-notch, which is exemplified in the highly detailed knowledge base (FAQ if you prefer). Further help can be sought by reading a complete user manual, turning to one of the forums or watching video tutorials either on LastPass’s own site (look for “Screencasts”) or its YouTube channel. The company is also pretty active on Twitter, where it regularly informs clients whether services are down. There is also its Facebook page, but admittedly it is mostly used to draw attention to the LastPass blog and articles about the company.
LastPass is the prime example of how to do a password manager right. While the fact that this program doesn’t exist as a true desktop app might be worrying, this hiccup is easily outshone by the many advantages LastPass provides. The simple and straightforward tool is capable of automatically organizing your passwords, secure notes and other data in alphabetical order or according to default folders.
It also features options such as unlimited password sharing and evaluation, military-grade local encryption, continuous data sync across devices, a superb mobile application, and advanced two-factor authentication options. But the cherry on the cake is how cheap LastPass is: whether you choose the free version or pay only $2 per month for the premium features, LastPass provides the password security you desire by keeping all your passwords and other data safe.