This comprehensive guide covers everything you need to know about password management app LastPass, including recent restrictions on free accounts.
Not all password managers are created equal, and LastPass is one of the standout options. Available for almost every OS, browser, and mobile platform on the market, LastPass is designed to have you safe, secure, and encrypted wherever you happen to be.
TechRepublic's cheat sheet about LastPass is a quick introduction to this password management app, as well as a "living" guide that will be revised periodically as new updates and versions are released.
SEE: LastPass password management app: A cheat sheet (free PDF) (TechRepublic)
- What is LastPass? LastPass is a robust password management tool available on most computing platforms and as a browser plugin. If installed in multiple locations it will sync, allowing for secure and easy password management.
- Why does LastPass matter? Like all other password management apps, LastPass matters because of the sheer volume of online logins the average person regularly contends with. Hacking/cracking passwords is becoming simpler all the time, making good password management essential.
- Who does LastPass affect? Anyone using the internet is affected by LastPass. The average internet user has 70-80 passwords. That's a lot to remember, and many are likely reused or insecure.
- Is LastPass free? LastPass was initially released in 2008 as a simple browser plugin and has since become a robust application suite. In early 2021, LastPass announced a major change for free users: They have to choose between password syncing on computers or mobile devices, and universal sync is now restricted to paid members.
- What are some alternatives to LastPass? If you don't want to pay for universal device sync, or simply want a different platform, a number of alternatives are available from both third-party vendors and companies like Apple and Google.
- How do I get LastPass? You can download LastPass for free on its website or from your respective mobile app store.
SEE: Password Management Policy (TechRepublic Premium)
What is LastPass?
Put simply, LastPass is a digital vault where you can safely store passwords without fear of their being discovered. Plenty of people are in the bad habit of keeping a notebook in their desk drawer or sticky notes on the underside of their keyboard with passwords on them; LastPass is the cure for that incredibly dangerous practice.
All of the data you store in LastPass is encrypted using the AES-256 standard. This level of encryption is used by the US government to protect top secret information; a 2013 paper said there is no computationally feasible way to brute force crack it, and as of 2021 nothing has changed. That means your passwords are safe.
In addition to AES-256 encryption of your password vault LastPass communicates with its servers using PBKDF2 SHA-256 and salted hashes for an extra layer of security between the app on your phone/computer and LastPass' servers.
- Five types of browser extensions every professional should have (TechRepublic)
- Extra security or extra risk? Pros and cons of password managers (TechRepublic)
- Google: These new password protection features are coming to Chrome (ZDNet)
Why does LastPass matter?
Think of the number of websites and applications you have passwords for. If you're like the average American, it's somewhere between 70 and 80, which is a lot of information to remember.
We'd all be lying to ourselves, of course, if we said each of our accounts had a unique, secure password. Most of us use the same one--or a slight variation--over and over again. Repeated use of passwords poses a serious security risk that can be eliminated by apps like LastPass.
Another common method of password theft is malware that logs keystrokes: All a hacker needs to do is read off the website you typed in along with your username and password to get instant access.
LastPass circumvents keyloggers in two ways: It can autofill passwords once you're logged in and it also offers a virtual keyboard that you can click on with your mouse. Avoiding keystrokes while typing in passwords or using an onscreen keyboard, along with robust encryption, leaves you protected in a way you can't get with other methods.
LastPass can also generate random, complex passwords that you won't have to worry about remembering, provided you have it set up to sync across your devices.
- How to add a simple password manager to Ubuntu Touch (TechRepublic)
- Passwords have a dopey equal in Things on the Internet (ZDNet)
- How to use Dropbox Passwords as your password manager (TechRepublic)
- Password managers: Is it OK to use your browser's built-in password management tools? (ZDNet)
Who does LastPass affect?
If you are reading this, LastPass probably affects you. Anyone who uses a computer or smartphone to log into an account can benefit from LastPass: It provides several layers of added security to prevent theft of passwords and important personal data.
In 2019, 14.4 million Americans (around 6.67%) were victims of identity theft--a number that's held roughly steady for the past several years. A paranoid level of identity protection is essential in the internet age, and LastPass can eliminate much of the legwork.
- 5 best password managers for Android (TechRepublic)
- Do you save passwords in Chrome? Maybe you should reconsider (ZDNet)
- Firms that force you to change your password are clueless says cyber security chief (TechRepublic)
- Lust for public Wi-Fi trumps security concerns (ZDNet)
- Upgrade your personal security with a password manager or security key (TechRepublic)
Is LastPass free?
LastPass was originally released in 2008 as a browser plugin. Since then it has grown into a desktop application and mobile app along with its original browser-based form.
LastPass is free, but there are also premium options for home users and enterprises. Both offer more features, such as shared accounts for family access and administration consoles for business users.
Prior to November 2, 2016, LastPass' free version had a serious restriction: Passwords stored on one device wouldn't transfer to another. If, for example, you stored banking credentials on your desktop, you wouldn't be able to retrieve them on your smartphone. Luckily, that feature is now free, but with a big caveat imposed in February 2021: Free users can only sync passwords on computers or mobile devices, and not between those two platforms.
SEE: How to manage passwords: Best practices and security tips (free PDF) (TechRepublic)
Anyone using LastPass without paying for a subscription (prices start at $36 USD annually) will, on March 16, 2021, have to choose one of the two platforms, mobile or computer, to sync passwords to. The other platform will simply stop working unless you opt to pay the yearly fee, which LastPass has discounted to $27 USD for new Premium or Family customers paying for their first year. After that the price increases back to $36/year.
- Ditching LastPass? Here are some alternatives to try (ZDNet)
- LastPass brings free password management to all your devices (ZDNet)
- "123456" tops list of most common passwords for 2020 (TechRepublic)
- Phishing is another problem solved by password managers (ZDNet)
What are some alternatives to LastPass?
If the lack of synchronization available to free users is enough to make you want to switch to a different password manager, there are a number to choose from, as TechRepublic sister site ZDNet pointed out.
Depending on what platform you use, you could opt for a first-party password manager, like Apple's iCloud Keychain, which is integrated with Mac and iOS devices. Likewise, Google has Chrome Password Manager that syncs passwords across Android devices and to Chrome browsers on systems like Windows and MacOS, provided you log in with the same account.
In terms of third-party password managers, a number of options are available:
- Zoho Vault is free and syncs across as many devices as a user wants. Premium features include auto-generated passwords and two-factor authentication.
- NordPass, from the makers of NordVPN, is also free and syncs across unlimited devices. The limitation for this app comes in the form of being able to only be logged in to one device at a time.
- LogMeOnce has a free plan with many of the features reserved for paid customers on other services. The tradeoff in this case is that the free tier is ad supported.
Additional free password managers are available, but many place restrictions on multi-device sync or other features. If one of the above-mentioned products doesn't fill your password management needs, be sure to read product descriptions closely before investing time into a product that is less useful than you thought.
- Password managers: A cheat sheet for professionals (TechRepublic)
- Best password manager in 2021 (ZDNet)
- Dropbox adds password manager, vault, and other security features (TechRepublic)
- 1Password: My favorite password manager is an essential security tool (ZDNet)
How can I get LastPass?
LastPass is available on a variety of platforms--pretty much anyone using any device can install it. Simply navigate to LastPass' website and click on Get LastPass Free to be instantly taken to the mobile app store or browser plugin install screen applicable to your device.
You can also click on Download to see other options for installation, such as the desktop apps available for Windows, macOS, and Linux.
- Five utilities that help protect your online privacy (TechRepublic)
- How to eliminate passwords? It can't be done (ZDNet)
- Apple's Chrome extension will let Windows 10 users save passwords to iCloud Keychain (ZDNet)
- 14 privacy tools you should use to stay secure (ZDNet)
- Microsoft is rolling out password monitor, tab sync, sleeping tabs and other new Edge features (ZDNet)