Widely-adopted password manager with strong autofill and large enterprise install base
LastPass was the world's most popular password manager by install base before its 2022 security incidents, which involved significant data breaches affecting encrypted vault data. Despite these events, it retains tens of millions of users due to its strong autofill, browser extension polish, and enterprise admin features. Its continued large-scale enterprise deployment reflects the inertia of established credential management programs.
LastPass is a strong fit if its core strengths match your workflow, budget, and support needs. Use the quick signals below before opening the full review.
LastPass's review must address its 2022 security incidents directly. In December 2022, LastPass disclosed that attackers had obtained encrypted vault data alongside metadata — meaning encrypted password vaults were exfiltrated. Vaults are protected by master passwords, and strong master passwords with PBKDF2 iterations provide meaningful protection; weak master passwords do not. This event is a material factor in any LastPass evaluation.
The 2022 breach involved encrypted vault data being copied from LastPass's cloud storage. LastPass's zero-knowledge architecture means the company cannot decrypt vaults — the protection depends entirely on master password strength and iteration count. Users with strong, unique master passwords and high PBKDF2 iterations remain well-protected; users with weak master passwords should have changed all stored credentials. This distinction matters for honest evaluation.
Apart from the security events, LastPass's product quality remains high. Its browser extension autofill is widely considered one of the most reliable in the category. The enterprise admin console provides detailed policy controls, reporting, and SSO integrations with Azure AD, Okta, and other identity providers. For organisations with extensive LastPass SSO integrations, migration costs are real and substantial.
New individual and family users have better alternatives in Bitwarden and 1Password — both offer comparable features with stronger recent security records. Enterprise organisations with existing investments should conduct a formal risk assessment weighing migration costs against continued exposure. LastPass's response and subsequent security improvements are documented and worth evaluating.
Score: 8.0/10 — Strong product historically; 2022 security incidents require individual risk assessment before recommending for new deployments.
Free
Free billed annually
$3/mo
$36/mo billed annually
$4/mo
$48/mo billed annually
$4/mo
$48/mo billed annually
LastPass is best for Enterprise organisations with existing LastPass deployments and SSO integrations that face high migration costs, Users who have used LastPass for years and find autofill quality a primary decision factor, Teams evaluating their options should thoroughly assess the 2022 breach details before recommending continued use.
Yes. LastPass currently lists a free plan in ToolRankr data.
It has a free plan.
LastPass is reviewed using ToolRankr's scoring model for ease of use, value, features, support, and overall quality. Affiliate links may earn a commission, but sponsored labels do not change editorial scoring.
Get major pricing, feature, and ranking changes for tools you care about.
