Manual Thomas
Updated on: December 29, 2024
Fact-checked by Kate Davidson
Update December 2024: LastPass, once a leading password manager, has faced a series of security breaches in recent years that have significantly eroded user trust.
These incidents are part of a concerning pattern that raises serious questions about LastPass’s ability to protect sensitive user information. For a password manager, security and trust are paramount, and LastPass has repeatedly failed to meet these critical standards.
Given this history of breaches (in 2015, 2021, and 2022), and the potential risks to user data that continue to this day, we no longer recommend LastPass as a reliable password management solution.
Users seeking a more secure alternative may want to consider options like 1Password or Dashlane, which have maintained stronger security records without ever experiencing security incidents.
LastPass is a password manager that offers both free and paid plans, with the free plan offering unlimited password storage.
Deciding whether LastPass is worth it depends on your specific needs. In my opinion, LastPass is not worth the upgrade — in fact, due to serious security breaches LastPass has repeatedly faced, I’d argue that even its free plan is not worth the risk. Still, if you want to compare features and costs, read on for a full breakdown.
What Does LastPass Offer?
LastPass is an easy-to-use, feature-rich password manager with:
User-friendly password vault
LastPass’s vault is simple to use and lets you add a wide range of entries like passwords, secure notes, payment cards, passports, and more. All entries are protected by military-grade 256-bit AES encryption.
Password sharing
LastPass makes it easy to share passwords. All you need to do is click the sharing button next to an entry, enter the recipient’s email, and choose whether they can view the password or just use it — you can even share multiple items using the Sharing Center. On top of that, you can revoke access anytime, adding an extra layer of security.
The Free plan allows sharing with 1 person, while the paid plans allow sharing with multiple recipients.
Security dashboard with dark web monitoring
LastPass’s Security Dashboard is a tool for monitoring your overall password security practices and making changes when necessary. It provides a detailed security score that evaluates strength, age, and uniqueness of passwords, allowing you to quickly identify and fix weak passwords.
LastPass also offers dark web monitoring, powered by Enzoic’s database — it scans your vault for compromised emails, alerts you to potential breaches, and provides detailed information about leaked data.
Multiple account recovery options
LastPass offers a wide array of account recovery options. If you forget your master password, you can regain access to your vault through several convenient options — including mobile account recovery using biometric authentication (Touch ID or Face ID), receiving a master password hint via email, and SMS recovery codes. Additionally, LastPass allows you to restore a previous master password within 30 days or use a one-time password generated during browser extension logins.
I tested every method, and each one allowed me to recover my account and set up a new master password in less than a minute.
Different LastPass Pricing Options
LastPass Free
LastPass Free offers unlimited password storage on unlimited mobile devices or computers (but not both), along with features like:
- Cloud storage (limited to just 50 MB).
- Password generator.
- Password auto-save and auto-fill.
- Password sharing.
- Security dashboard.
- Dark web monitoring.
- Two-factor authentication.
- LastPass Authenticator.
LastPass Premium
By upgrading to LastPass Premium (£1.18 / month), you’re unlocking 1 GB of encrypted data storage, advanced MFA options, and emergency access. The latter is especially useful — it allows you to give your loved ones access to your account in case of an emergency.
LastPass Families
LastPass’s Families plan, which comes in at £1.57 / month, covers up to 6 users. It includes all Premium features plus:
- Family manager dashboard.
- Unlimited shared folders.
LastPass Teams
LastPass Teams costs £2.20 / month per user. It’s designed for up to 50 users and includes features like a private vault for each employee, shared folders, and an admin portal with basic reporting and user access control.
LastPass Business
LastPass’s Business plan, priced at £4.39 / month per user, offers advanced features for larger organizations. In addition to all Teams features, it includes:
- Over 100 customizable security policies.
- Authentication for SSO/Cloud apps.
- Free LastPass Families account for employees.
- Extensive SSO reporting.
- Add-ons for Advanced SSO and Advanced MFA are available at an additional cost.
How Does LastPass Compare to the Best Password Managers in 2025?
1Password is my top choice above LastPass because it has an impeccable track record with several independent audits. On top of that, it has great extras like Travel Mode, Privacy Cards, and email masking, while LastPass doesn’t have any of these extras. Dashlane, on the other hand, offers a VPN as well as live dark web monitoring. RoboForm is way better at form filling than LastPass, very affordable, and I really like its bookmark storage feature.
Security Improvements
In response to past security incidents, LastPass has attempted to enhance its security infrastructure. To that end, it implemented:
Strengthened master password requirements — LastPass now enforces a 12-character minimum for master passwords, encouraging users to create stronger, more complex passwords that are harder to crack.
Improved monitoring and alert systems — The company has upgraded its monitoring systems to detect and respond to unauthorized activity faster. This includes implementing real-time alerts and comprehensive logging to track suspicious actions.
Regular security audits — LastPass conducts regular security audits and vulnerability assessments with independent cybersecurity firms to identify and mitigate potential risks. These audits help ensure that LastPass remains compliant with the highest security standards.
Increased investment in security teams — LastPass has established a dedicated threat intelligence team composed of experienced security professionals. This team is responsible for proactively identifying and addressing emerging threats.
Rotated credentials and access controls — Following the breaches, LastPass has rotated all relevant credentials and implemented stricter access controls to limit the exposure of sensitive information. This includes using multi-factor authentication for internal access to critical systems.
User education and awareness — LastPass has increased efforts to educate users on best security practices, including creating strong passwords and recognizing phishing attempts.
Enhanced cloud storage security — The company has bolstered its cloud storage security by adding multiple layers of protection, including advanced encryption and regular security updates, to safeguard user data from unauthorized access.
Transparent communication — LastPass has committed to transparent communication with its users regarding security practices and incidents. This includes timely updates and detailed reports on any security-related issues and the steps taken to resolve them.
However, in December 2024, reports surfaced, connecting the 2022 LastPass breach with a major cryptocurrency theft. While this does not represent a new breach, and while LastPass maintains that there is no sufficient evidence that the data stolen back in 2022 was exploited, it shows that the consequences of such security incidents can potentially have long-lasting effects.
Is LastPass Worth It in 2025?
In 2024, LastPass is not worth using as a password manager due to ongoing security concerns and a troubling history of data breaches. Despite its user-friendly interface and comprehensive features, the risks associated with LastPass outweigh its benefits. And with so many alternatives with a spotless track record, I just don’t see the reason to start or continue using LastPass, especially its paid version.
Frequently Asked Questions
Is LastPass still recommended?
No, we no longer recommend using LastPass to store your passwords. While it does offer a decent set of features, including unlimited password storage, secure notes, and a password generator, LastPass has experienced repeated security breaches, with the exploitation of stolen data potentially continuing to this date. That’s why I recommend switching to alternatives like 1Password or Dashlane, which have never been hacked.
Can LastPass be hacked?
Yes, LastPass can and was hacked several times in the past, including credential stuffing attacks in 2021 and a major data breach in 2022, causing concerned users to switch to alternatives like 1Password or Dashlane.
Is there a better alternative to LastPass?
Yes, there are many better alternatives to LastPass. 1Password, for example, offers a clean security record and unique features like Travel Mode and Privacy Cards. It’s also more flexible for families, allowing you to add additional users for a small fee. Dashlane is another great option, with advanced features like a built-in VPN and live dark web monitoring. Even for those looking for a free solution, there are better, more secure options than LastPass, such as RoboForm or Avira.
