Tom's Guide Verdict
LastPass is still a decent, affordable option for password management, but it has fallen behind its competitors in terms of features and user experience.
Solid security monitoring and emergency access tools
More features on free tier than competitors
Few unique features
Behind competitors in passkey support
Why you can trust Tom's Guide
Platforms: Windows, Mac, iOS, Android, Linux, Chrome OS
Free version: Yes (limited to one device type)\
Passkey support: No
Browser extensions: Chrome, Safari, Firefox, Opera, and Edge
Form filling: Yes
Biometric login: Face ID, Touch ID on iOS & macOS, Pixel Face Unlock, fingerprint readers on Android & Windows
PIN code: Yes
Killer feature: Background security monitoring on all plans
LastPass has long been one of our favorite password managers thanks to its simple interface, premium features, and affordable pricing, and it’s still a solid choice at just $36 per year for individuals and $48 per year for families.
However, other password managers have caught up with and even surpassed LastPass, which now lacks some functionality of similarly priced platforms, including passkey support—and no longer has as many unique features or an unrestricted free option comparable to Bitwarden. The LastPass interface also appears outdated alongside the likes of competitors Keeper and 1Password. Plus, LastPass has suffered a handful of security issues in recent years, which is not something you hope for in a tool meant to protect your passwords.
Our LastPass review will help you decide if this is the best password manager for your needs or if you’d be better off choosing something else.
LastPass review: Costs and what's covered
LastPass has three plans: Free, Premium (individual) and Family. At $36 per year for an individual, the premium personal tier is in line with other similarly featured password managers, while the $48-per-year family plan (up to six users) is cheaper than those of many competitors.
For many years, LastPass' free tier was a steal, with most of the basic features you'd want in a password manager, including unlimited syncing across all your devices. However, the company in early 2021 limited syncing to a single device type: Users on the free plan can access their vaults on mobile or on desktop, but not on both.
Other premium, paid password managers with free tiers have similar limitations, such as the number of devices or number of passwords (or both), so LastPass does still have a leg up. But with Bitwarden offering unlimited free syncing, LastPass may no longer be the top free choice.
That said, LastPass Free users still get to have an unlimited number of passwords, one-to-one sharing, secure notes, limited multi-factor authentication, security tools like password hygiene and dark-web monitoring and the LastPass Authenticator app.
An upgrade to LastPass Premium ($36 annually) unlocks unlimited device syncing, one-to-many sharing, advanced MFA, 1GB of file storage, emergency access, 1-to-1 support and a host of security-monitoring features. LastPass does offer a 30-day free trial so you can test out the premium features.
The LastPass Family plan ($48 annually) has all the same features as Premium with unlimited shared folders for up to six users.
To run the LastPass browser extensions, you must have Windows 8.1 and later or one of the most recent two versions of macOS, Linux or Chrome OS. There are browser extensions for Chrome, Firefox, Safari, Edge and Opera, desktop apps for Windows and macOS, and mobile apps for iOS (14.0 or later) and Android (9 or later).
LastPass review: Setup
To set up LastPass, start by creating an account on LastPass.com with your email address and a strong (and memorable) master password.
You can also enter a password hint, although this step may be unnecessary and perhaps risky since there's also an account recovery option.
Next, you'll be prompted to install the browser extension, though you can access your web vault without doing so. There are basic extensions for major browsers, as well as universal installers for Windows and Linux, which will add full-featured "binary component" extensions to all of your browsers at once. Mac users can grab this via the "full version" Chrome extension.
These "binary" extensions, which will share your login state across browsers and automatically log you in, among other things, may be helpful if you use multiple browsers on your machine though.
Once you're logged into your web vault, you can add individual items or import them from other password managers by uploading an exported file or basic CSV. The import tool can be found under Advanced Options at the bottom of the menu bar.
LastPass has a wide range of built-in item types for passwords and payments as well as health-insurance plans, Wi-Fi credentials and instant-messenger accounts, plus completely customizable templates.
On mobile, download the LastPass app and log in with your email address and master password. On iOS, you'll be asked to enable Face ID right away (or Face Unlock on a Google Pixel) for easier access to your app, or you can turn on biometrics later (Settings > Security) if they're supported on your device.
There are also desktop apps available for both Mac and Windows. You can get the former from LastPass' download page, while the latter is available in the Microsoft store. Both are basically app versions of the web vault.
If you’re on the free plan, LastPass allows you to switch between desktop and mobile three times before locking you into a device type.
I found LastPass' help articles less straightforward and more difficult to navigate than competitors' support sites. If you're new to password management, this may be frustrating.
LastPass review: Desktop
The main way to use LastPass on the desktop is as a web vault and browser-extension combination. The online vault has a left-justified collapsible menu bar with a Home button for viewing all items and shared records, as well as tabs for passwords, notes, addresses, payment cards and bank accounts. LastPass will display items as tiles or in a list, which can be sorted alphabetically or by recent use.
As noted above, though, you can create a range of different item types as well as customized templates. To create a new record, tap the plus sign in the lower-right corner. If you hover over the icon, you'll also see an option to create a new folder.
Further down the main menu bar are options to view your security dashboard, emergency access, account settings and advanced options (import, export, account history, deleted items and one-time passwords).
The security dashboard shows you a password-health report as well as dark-web monitoring of email addresses found in your LastPass account. Once you activate web monitoring, LastPass sets you up to receive an email alert if any of your information is found in a data breach. This service is always scanning in the background and does not need to be requested manually.
The sharing and emergency-access screens show you whom you've granted access to your individual records as well as your entire vault. Emergency access can be activated immediately or up to 30 days after a trusted contact has requested it without a response from you.
The account settings are the clunkiest part of an otherwise straightforward (if somewhat outdated) interface. This is where you can update security preferences, enable multi-factor authentication and view connected mobile devices.
The browser extension has most of the functionality of the web vault. You can view, edit and launch all of your items, add new records, generate and fill passwords, enable auto-login and see recently used credentials.
To autofill in your browser, tap the LastPass icon in the form field and select the correct login. When you need to create a password, LastPass will pop up its password generator in the form field and then ask if you want to add the credential to LastPass.
LastPass review: Mobile apps
Like the web interface, the LastPass mobile app is simple (but less dated). The navigation at the bottom of the screen is for your main vault, your security tools and your account settings. Under the vault tab, you can view all items or tap to open specific record categories.
You can also search for individual items or tap Add in the upper-right corner to create a new record using any of the same item types available on desktop. Plus, you can add attachments like photos, files and even audio recordings to a record.
In the security section, you'll find the password generator, emergency access settings, your password-strength report and the option to switch vaults (if you have multiple identities set up).
Note that while there is an option to tap and view your security dashboard, the mobile app does not actually create that report and instead tells you to go to your web vault to view it.
Finally, the settings tab is where you'll adjust security and login options, such as enabling biometrics, auto logout and account recovery. There is a "Remember Master Password" setting, which when toggled on would autofill and log you into your vault, though even LastPass notes that this is not recommended.
To enable autofill, go to your phone settings and select LastPass as your password manager. LastPass popped up automatically when I tapped the Passwords option above my keyboard in my browser so I could select the correct credentials.
You can also launch sites directly from individual records or by tapping on an item in your main vault, and LastPass will ask if you want to autofill with stored credentials. However, LastPass had a difficult time detecting and filling credit-card fields in multiple mobile browsers.
LastPass review: Security
LastPass operates using AES-256 encryption, which protects your data locally on your device and on the company's servers (and in between). LastPass does not have access to your master password or your vault content.
LastPass is also SOC 2 Type 2 compliant according to the Association of International Certified Professional Accountants (AICPA), which means it can be trusted to securely handle consumer data, and the company undergoes regular security audits.
All LastPass plans include two-factor authentication options for vault access. Free users can enable MFA with apps like LastPass Authenticator, Google Authenticator, Microsoft Authenticator, Duo and more. Premium subscribers can also use hardware keys like YubiKey as well as fingerprint and smart-card readers.
Finally, LastPass offers account recovery if your master password is lost. The best option is to use a one-time password on a device you've previously used with LastPass. These are generated automatically and stored locally on any device on which you've logged into the extension or web vault and are used as part of the email verification to recover your account.
Alternatively, you can recover your account via SMS or using a password hint previously set up, but neither of these processes are very secure. On mobile, you can toggle the option to use biometrics for account recovery, though anyone with a biometric profile on your device will be able to access your vault.
Note that LastPass suffered a major hack in 2022. While the company reported that no user passwords or data were compromised, the breach was one in a string of security issues for the platform.
LastPass review: Passkeys
As of November 2023, LastPass does not support creating, storing and editing passkeys in user vaults — making it the last of the major password managers to launch this feature. However, the company states that this functionality is coming soon.
LastPass review: Bottom line
LastPass is still worthy of consideration with its affordable price point (especially its $48-per-year family plan) and feature set consistent with other premium password managers.
However, unlike its competitors, LastPass has not evolved much visually or functionally since our last review: it has nixed some of its standout features over the years, and it now falls behind most of its competitors, including similarly priced 1Password and Keeper, on passkey support. Thanks to device restrictions, its free tier cannot keep up with the no-cost plan offered by Bitwarden and even the free plan available from NordPass is slightly less limited.
Emily Long is a Utah-based freelance writer who covers consumer technology, privacy and personal finance for Tom's Guide. She has been reporting and writing for nearly 10 years, and her work has appeared in Wirecutter, Lifehacker, NBC BETTER and CN Traveler, among others. When she's not working, you can find her trail running, teaching and practicing yoga, or studying for grad school — all fueled by coffee, obviously.