LastPass Review (2020): Password Management Made Easy

LastPass Feature Image

LastPass is a password management application you can use to store your passwords and private information and data. Password managers, in recent years, are more useful than ever. It comes with so many services and tools that are moved to the cloud.

LastPass is one of them, and can be considered as one of the best options around. It stores all your logins in the cloud. You can access your login credentials, passwords, and data from anywhere.

What more LastPass is run on some of the safest encryptions and security around.

A quick research tells us that LastPass has 2 tier packages – free and premium – for individual packages. Family packages are paid and are made to cover a whole household.

Company Background

LastPass Homepage Screenshot

LastPass was originally founded and created on 22nd August 2008 by Marvasol Inc. Oy is a freemium password manager that stores encrypted passwords online. The standard version of LastPass comes with a web interface as well as plugins for several different web browsers.

LastPass was later on acquired by LogMeIn Inc in October 2015. To present day, LastPass is considered as one of the most popular password manager software besides Dashlane, KeePass and 1Password.

In March 2019, LastPass was awarded the Best Product in identity Management award during the 7th annual Cyber Defense Magazine InfoSec Awards.

Criteria

Before we go further, here are some criteria you should look at before settling for any password management software. LastPass included. The criteria helps you look for what you need when looking for any products and services.

The Features Available

The features is one of the quickest way for you to decide whether if you want the software or not. A quick overview of the features available will help you make some of the decisions to whether you need a software as advanced as the product you are looking at.

Sometimes you may not need all the features provided by the software. Even if it is from its free version. Although that may be rare, we can say that most times the more advanced features can be found in paid versions of the software or fully paid software.

Software Safety and Security

For a software like LastPass running as a password and data security software, it will be good to take note of its safety and security. You will be surprised at how not all security-based software are made to be as safe as you think it to be.

We would recommend you to do a lot of research on the software before settling for it. Or maybe try it out yourself before fully committing to it.

Support

Support is one other important aspect when choosing a product. We have included this section because some people take product after services and support very seriously. Especially when it is something that comes to data and information privacy.

You may want to have a look at the support aspects of some products. Take into consideration how if your data and information were ever leaked and hacked by unauthorized 3rd parties, you may want to reach out to the product’s company for verification.

That and the fact that you may want to look for ways how to resolve the compromised the hacked data. All with the help of the product’s support and after services.

How To Use LastPass

Some people may not be tech whizzes, so they may want to know how to use LastPass. We have included this quick section to help out those who are not exactly experts in technology, hence may need some guidance in this area and aspect.

Plans and Pricing

This section is, of course, the plans and pricings offered by LastPass. It has a free package and a paid package. It depends on which fits your needs and preferences best. Some people don’t really need the paid version sometimes.

That is because most times the free version works more than enough most times for the average user. Hence, a paid version is not really needed for the regular joe. However, that does not mean that people should not choose the paid version at all, as sometimes some people legitimately need the paid version.

LastPast: Our Review

Now that we are done with the criteria part, let’s have a look at the product itself.

The Features Available

LastPass has a few really good features that is proven useful for the well-esteemed user like you. As a matter of fact, after looking though what LastPass have to offer, we can understand why it is a well-received product among many tech whizzes.

Security Features

First and foremost, of course LastPass will provide security features as it is a password security software and company after all. A quick look at what it has to offer, we can say that it offers a lot of security features.

As far as we have seen and done our researches, LastPass provides the following features:

  • 2 Factor Authentication (2FA)
  • AES-256 Encryption
  • Zero Knowledge
  • 2 Factor Authentication Keys
  • Security Analysis
  • Multi Device Sync
  • Backup and Recovery
  • Mobile Apps
  • Password Changer
  • Password Generator
  • Browser Extension
  • Autofill
  • Form Autofill
  • Browser User Interface
  • Email
  • Help Center
  • Forums
  • 24/7 Support
  • Free Plan

What security and general features are listed above is what LastPass provides as a whole for its users. Some users have mentioned how with the multi-device sync, unlimited storage for a single user and autofill support, the free plan outshines the paid plans in numerous ways.

Although having said that, the premium subscription is said to be not too expensive so to speak.

Software Safety and Security

Although LastPass is generally safe, it suffered a breach back in 2015. The breach was put under spotlight as the cybersecurity community debated if password managers are really secure as it said they were.

Though the breach happened, it does not however compromise any user information and data. LastPass uses a really safe architecture that can withstand even the most strict scrutiny.

That model was built around zero knowledge. You will have a master password, which is the key to unlocking your account and vault contents. LastPass is said to never see or store it.

We found out that your master password will be sent through more than 100,000 rounds of PBKDF2 hashings in order to generate an encryption key. An authentication hash will be generated also in the process.

Your master password will look like a bunch of gibberish after hashing. LastPass will use that gibberish with additional hashing to generate and authentication key. The key is then matched against the server. If it lines up and matches, your account will unlock.

The process is long-winded. However, the important part here is that LastPass will never see your master password – ever. As a matter of fact, we were told that your master password will never leave your computer.

At the same time, your master password is used to generate an encryption key that unlocks your vault. Your vault contents are secured with AES-256, which is said to be one of the strongest security standard on the planet. It will have to take a hacker multiple years to crack one password.

LastPass: Hacked Episode

We found out that LastPass was hacked back in 2015. LastPass was very dedicated and forthcoming about the hack. It lets its users know right away, unlike some safety and security software around.

The attackers were able to access and steal data from LastPass’ cloud, but the attackers were unable to access any sensitive information. As LastPass runs on the zero knowledge model, no vaults were compromised.

Although the hacking episode was well-handled and dealt with, some users still find it uncomfortable to use it.

In 2019, Google started warning users about a LastPass phishing scheme. Project Zero (Google’s security analysis team) found a vulnerability where LastPass can leak its users’ passwords though an outdated cache.

That vulnerability was fixed swiftly, thanks to LastPass.

What was important here was not how LastPass was hacked, It is the matter of how LastPass responded to the security breach. LastPass is the most in demand password manager around according to its search volume.

It simply means that it has a very big target on its back. Given the volume of users, the hack comes at little to no surprise.

LastPass is considerably one of the most popular password security software around – judging by its security architecture. It cannot prevent an attack on its servers entirely. It has taken all proper measures to ensure if there is an attack and no sensitive data is released. That has been reflected in the 2015 breach.

Is LastPass Considered Secure?

You may have doubts and questions as to if LastPass is secure to use. It is an entirely valid question to ask after having known the 2015 breach, and rightly so as users to have such doubts.

LastPass has a secure architecture that will keep your password safe. As it was breached in 2015, only encrypted data was stolen (unfortunately).

However, no plaintext passwords or user data was uncovered. LastPass can go head on with any other commercial password manager when it comes to security. That makes LastPass very safe to use.

Support

LastPass’s support is considered decent by many users and people who have used it before. LogMeOnce, the company behind LastPass, lumps its tech support with other products.

The knowledgebase is filled with many articles on how to set LastPass up. That makes it very easy to find answers. There were a few troubleshooting articles but they are mainly focused on the lesser known LastPass features.

We came to learn and found out that business subscribers get much better and deeper support from LastPass – with advanced topics covered extensively and in details. It isn’t too dense, and users said that the knowledgebase is impressive.

Users have also mentioned how LastPass provides detailed articles, as well as video tutorials. If you need more answers and help, you will be advised to post on the LastPass forums. You may not receive any replies straightaway, but eventually you will.

At the same time, the self-help options are not a supplementary support resource. We will advise that you will need to find an article before getting the option to contact support. The self-help options, instead of having a support page, will simply have a link to a contact form on the bottom of each article.

Regardless if you are a paying customer of LastPass or not, you can contact support. We should mention that paying customers and users will get priority support and response though. So, you may have to wait as free users and customers.

Even then, we were told by free using clients that the process should not be as convoluted as it is. The wait time is not too long as replies come in a timely manner.

How To Use LastPass

LastPass isn’t exactly too hard to use, according to many users who are not exactly pro at technology. There are a few different ways to setup LastPass on desktops. If you are using only any one browser, then installing the LastPass extension in the browser will be enough.

If you switch between browsers occasionally or regularly, the it will be faster for you to download the universal binary from the LastPass website. It will simultaneously install the extension across all supported browsers on your system.

The only 2 exceptions to such rules are Microsoft Edge LastPass browser extension. It can only be found in the Microsoft Store. The other one was LastPass for Mac standalone application, which you can only download from the App Store.

Whichever option you choose, your first task is to select a master password. This password is not stored by LastPass. So it will be the only password you will still need to remember yourself.

However, let’s say you have the misfortune of forgetting your master password. LastPass will give you several options to reset it and keep your account. You will have the option of creating a password reminder to get LastPass to save a phone number. A number which LastPass can send an account recovery SMS.

There is also, however, a one time recovery password for any browser on which you have previously used LastPass. Upon triggering the account recovery mode, it will guve you a recovery password where you can reset your master password.

Installation Process

The mobile apps for Android, iOS, and Windows Phone are all available in their respective app stores. As you have installed the app (for the first time), you will be asked to log in using your master password. After that initial log in, you are able to switch between a PIN or biometric log in. The biometric log in can help save time in the future.

If you are using built-in password management in one of your browsers, or a competing password manager, you may want to import your existing information into LastPass.

It is said that the service is able to pull data from dozens of browsers and services as well as CSV files. Regardless of what you are using currently and previously, you should be able to export the data over. The service will also attempt to categorize your passwords from some services, saving you a great amount of time.

LastPass on Desktop

Using LastPass on desktop is going to mean using the browser extension or the website interface for most users. LastPass Pocket provides a somewhat primitive standalone desktop application for Windows or Linux.

Mac users will have the option of installing standalone LastPass desktop software, but users were advised against it. The reason being that the design of the application is sparse and confusing to navigate. The web option is a lot easier to navigate and use, according to some users.

The best (and lone) advantage of Mac’s standalone application is Touch ID fingerprint login support for MacBook Pros. However, some users said it is not worth the tradeoff.

LastPass on Mobile Apps

The mobile apps on Android and iOS share most of the features and design of the desktop browser interface. You will, however, lose a few features – among them the ability to change multiple passwords at once.

The iOS app works slightly different from what you will find on the desktop browser interface and Android app. It adds a 2nd navigation bar at the bottom of the screen to move among your vaults, the build in LastPass browser, Security and Settings.

You can even log in with FaceID on an iPhone X, with Touch ID on any iPhone that supports it. The iOS app also moves the button for adding new items to your vault to the top right from the bottom right. It supports iOS 12’s automatic form filling feature.

The Android app is said to mirror the design of the browser interface almost identically. That makes for an easy transition from desktop to mobile. Android 8 Oreo and Android 9 Pie users can take full advantage of form and password filling functions.

Fingerprint recognition is supported on all Android phones that has it. LastPass is said to support the Google Pixel 4’s facial recognition.

Plans and Pricing

LastPass is generally said to be free. However, they also offer advance plans with premium prices.

Personal and Family Packages

  • Free Package
  • Cost US$0
  • Covers 1 user

Premium Package

  • Cost US$3 per month
  • Covers 1 user

Family Package

  • Cost US$4 per month
  • Covers up to 6 users

Business Packages

LastPass’ business packages are said to be customizable. It charges anywhere from US$3 to US$8 per user a month. It also covers anywhere from minimum 5 users to 50 users in a package and beyond, depending on which package you choose.

Our Verdict

LastPass is considered one of the better password management and security software. We’d recommend it for people who have a lot of passwords to keep and wish to maintain a high level of security. Despite it having a breach back in 2015, LastPass still works like a charm and still delivers the stellar security it has always have.

It is recommended for home or personal use as it is made for such manner and environment. That is not to say businesses and enterprises should not choose LastPass, they still can.

Frequently Asked Questions (FAQ)

Here are some frequently asked questions (FAQ).

Q: Is LastPass Safe?

Yes, LastPass is safe. The service is built in a way thatg makes LastPass very secure. LastPass basically encrypts and protects all your passwords and secure info on your computer. It ises a security key that only you know (your master keyword). Then it transmits the encrypted blob to LastPass online servers.

Q: Can LastPass be hacked?

Yes, LastPass can be hacked. It was last hacked in July 2015. The goal of the attack was to obtain access to the password vaults. Fortunately, even though the attackers got into LastPass’ servers, they still cannot steal user passwords. Without your master password, the passwords and other important information and data you store in LastPass will stay encrypted.

Q: Is LastPass free forever?

LastPass has a free version. Its free version is now available (and free) on all devices. You can now use LastPass on any devices anywhere for free. No matter where you need your passwords on your desktops, laptop, tablet, or phone, you can rely on LastPass to sync them for you. All for free.

Leave a Comment