Is LastPass Still a Secure Option?
Password managers are an overwhelmingly important part of your cybersecurity toolkit. But not all password managers are the same — as LastPass users unfortunately found out at the end of 2022.
In late 2022, LastPass informed their customers that they had been hit by two massive security breaches and that users’ entire password vaults had been compromised [*].
While LastPass claims that users are safe (due to the fact that the company doesn’t have access to their master passwords), security experts say this is misleading.
According to LastPass’ own research, 62% of people always or mostly use the same password for different accounts [*]. And with more than 163 million personal records leaked in 2022, this means that your LastPass master password could be available to hackers.
If you’re a current LastPass user, or just looking to set up a new password manager, you should know what options are available to you.
In this guide, we’ll explain why you should consider a LastPass alternative, and then cover five of the best password managers in 2023.
Why You Should Consider a LastPass Alternative in 2023
Increasingly, scammers are after your account passwords — even more than your Social Security number (SSN). Password managers safely store your passwords behind military-grade encryption. This means that they’re always on hand for you but protected from hackers.
LastPass is a password manager that can help you generate and store passwords, and then quickly access them using one master password (or the LastPass Authenticator app).
With an affordable price point and a stack of useful features, LastPass has been one of the top options since it launched. However, recent data breaches and security incidents have seen users switching to competitors en masse.
Here’s why you should consider a LastPass alternative in 2023:
- Security uncertainties after recent data breaches. In August 2022, LastPass was hit by a massive data breach that exposed entire password vaults. Even worse, the company’s announcement came five months after the initial breach — leaving customers in the dark about the potential risks.
- It has a severely limited free version. Free user accounts offer a choice between desktop and mobile. This means that you have to pay for LastPass Premium (or switch to another password manager) if you want a cross-device tool.
- Questionable marketing and breach responses. Since the data breach, LastPass has been slow to release information. Several cybersecurity experts have also questioned the honesty and transparency of their response [*].
- Low level of security for older accounts. Most password managers use 100,000 iterations (or more) of a password-strengthening algorithm to improve security. This means that a criminal needs to perform the same number of calculations to brute-force the password. But some older LastPass accounts are secured with only 5,000 iterations, meaning they’re easier to crack.
The 5 Top Paid and Free Password Managers
- Aura: Comprehensive digital security
- Bitwarden: Budget-friendly (but less user-friendly)
- 1Password: Premium service (paid version only)
- Dashlane: Easy-to-use with additional features
- KeePass: Free, no-frills password manager
While LastPass might have been a good choice in the past, many security experts are now recommending that users switch to another tool [*].
Here are five of the best paid and free password managers to choose from in 2023:
1. Aura: Comprehensive digital security with integrated password manager
Aura is an all-in-one security solution that helps keep you and your entire family safe from online threats.
While Aura is known for its award-winning identity monitoring and fast fraud alerts, every Aura plan also includes powerful digital security tools that can help keep your passwords, accounts, and devices safe from hackers.
Aura’s included password manager works across most major browsers as well as Android and iOS devices. Aura secures your passwords with 256-AES (Advanced Encryption Standard) — the same encryption technology used by major banks and the military.
Aura proactively monitors your passwords online (and on the Dark Web), and will alert you if your credentials have been leaked in a data breach. Plus, with just one click, Aura can automatically update your passwords with stronger options on certain sites.
Why should you choose Aura as a LastPass alternative?
- More than just a password manager. Aura is constantly releasing new advanced features to protect you from online threats. This includes powerful antivirus software, a military-grade virtual private network (VPN), Safe Browsing and anti-track tools, and more.
- Dark Web monitoring with leaked password alerts. Aura constantly monitors the Dark Web for your personal information and passwords. If your passwords are for sale, Aura will let you know so you can update them.
- One-click password updates for weak or compromised passwords. On supported sites, Aura's password generator can create and change your password with a single click.
- Three-bureau credit monitoring with one-click credit lock. Aura monitors the three major credit bureaus for suspicious activity and can alert you up to 4x faster than competitors. You can also instantly lock and unlock your Experian credit file with a single click.
- Up to $5 million in identity theft insurance. Every adult member on an Aura plan is covered by a $1 million insurance policy that covers eligible losses due to identity theft.
What are Aura’s pricing and plan options?
Aura offers three plans: Individual, Couple, and Family. All three plans include Aura’s suite of premium digital security features (including a secure password manager). The only difference is in the number of supported users and devices.
- Individual: $12/month (billed annually) with support for one user across 10 devices.
- Couple: $22/month with support for two users across 20 devices.
- Family: $37/month, providing support for five adult users and unlimited kids. The family plan also includes family identity theft protection, parental controls, and child SSN monitoring.
The bottom line: The best option for comprehensive digital security
For individuals, couples, and families in the United States you can’t get better, more comprehensive digital security than with Aura. Aura ensures that you and your loved ones are protected from the risks of unsafe passwords and ID theft.
2. Bitwarden: Budget-friendly (but less user-friendly) password manager
Bitwarden is an open-source password manager that uses AES-256-bit encryption to store passwords. It’s one of the better-known (and affordable) password managers.
Why should you choose Bitwarden as a LastPass alternative?
Bitwarden has all of the security tools you’d expect in a quality password manager. This includes two-factor authentication (2FA), password security auditing, breach monitoring, and local hosting.
Bitwarden’s code is open-source, which means anyone can check over it. The company also uses a zero-knowledge, end-to-end encryption model (making it nearly impossible for your passwords to be leaked).
What are Bitwardens’s pricing and plan options?
Bitwarden offers three subscriptions: Free, Premium, and Families.
- Free: Provides support for unlimited devices and passwords, as well as a password generator, data breach scanner, identity storage, and self-hosting options (rather than cloud storage).
- Premium: $10 annually (or less than $1/month). In addition to everything in the free plan, Bitwarden Premium offers password auditing tools, multi-factor authentication, emergency access, 1 GB encrypted storage, password-sharing options, and priority customer support.
- Families: $40 annually ($3.33/month). Bitwarden Families offers everything in the Premium plan, plus support for six users.
Bitwarden also offers business subscriptions for small teams and enterprises.
The bottom line: A great option for budget-conscious users
Bitwarden is a secure and reliable basic password manager that’s available at a great price point.
While it’s less intuitive to use than some of its competitors, Bitwarden makes up for this with solid features that help prevent account takeover fraud. The free version is also one of the best, lightweight, no-cost password managers that you’ll find on the market.
💡 Related: What To Do If a Scammer Has Your Email Address →
3. 1Password: Premium password manager (paid version only)
1Password is one of the most highly-rated password managers on the market thanks to its wide range of security features.
Why should you choose 1Password as a LastPass alternative?
- Secure AES-256 encryption. This is the same encryption used by banks and governments (and Aura) to secure data.
- Multiple password vaults. You can create a different vault for forms, passwords, documents, credit cards, and more.
- Travel Mode. When you travel, customs officials will occasionally request access to your device. Travel Mode lets you hide certain vaults so that they will be inaccessible.
- Watchtower. This feature lets you know when your passwords are vulnerable or have been compromised in a breach.
- Privacy cards. This feature hides your payment card information when making online purchases. Available to U.S. customers only.
What are 1Password’s pricing and plan options?
1Password offers subscriptions for individuals, families, and teams:
- Personal: $2.99/month including support for unlimited devices for one user.
- Family: $4.99/month including support for unlimited devices for up to five users and five guests.
- Business: $7.99/month per user with several additional business-focused security features.
The bottom line: Fantastic option for those who want just a password manager
1Password is a great choice for individuals and businesses that need to protect their privacy at home and abroad. It offers a stack of features and support for all major devices, along with a strong history and good customer reviews. However, the lack of a free plan and other digital security features may turn off some users.
💡 Related: What Is Credential Stuffing (and How To Protect Yourself) →
4. Dashlane: Easy-to-use password manager with additional features
Dashlane packs all of the most important password security features into a user-friendly tool. Dashlane makes it easy to import, generate, and share passwords, activate two-factor authentication (2FA), and check the health and strength of your passwords.
Why should you choose Dashlane as a LastPass alternative?
- Solid password management features. Dashlane includes 2FA, biometric authentication, password-sharing options, auto-fill capabilities, powerful encryption, and password checkers to help you generate new, strong passwords.
- Zero-knowledge protocol. Dashlane stores no user data; so in the case of a data breach, your passwords remain secure.
- Built-in VPN. Apart from Aura, Dashlane is the only security solution to provide both a password manager and a VPN to protect your data.
- Easy to install and use. Dashlane’s web app is available on all major browsers including Google Chrome, Safari, and Firefox, and can be installed with a single click.
What are Dashlane’s pricing and plan options?
Dashlane has four main plans:
- Free: Barebones, basic password management features only.
- Advanced: $3.49/month with unlimited devices (for one user) and a Dark Web monitor.
- Premium: $3.99/month including everything in the Advanced plan plus a built-in VPN.
- Friends and family: $5.99/month including everything in the Premium version with a dashboard for multiple users.
Dashlane also offers plans for business users, providing team and enterprise-level capabilities.
The bottom line: Expensive digital security solution
Dashlane is undoubtedly one of the best password managers, but its price can turn off many users. However, if you’re looking for a powerful manager with a few additional security features, Dashlane might be the best choice for you.
💡 Related: How Do Hackers Get Passwords (and How To Stop Them) →
5. KeePass: Free, no-frills password manager
KeePass is a free, open-source password manager that provides more transparency than many other companies. However, while security-conscious users will appreciate the transparency, KeePass lacks many of the features that have come to be expected in modern password managers.
Why should you choose KeePass as a LastPass alternative?
With AES-256-bit encryption, local hosting, and open-source code, KeePass can be trusted to securely store unlimited passwords. It should be completely safe from server-level threats (like data breaches).
What are KeePass’ pricing and plan options?
KeePass is completely free, but offers two versions:
- KeePass 1.x: An older version with limited features.
- KeePass 2.x: The newer version of KeePass with many additional security features (recommended).
The bottom line: Best for tech-savvy users looking for a free option
KeePass is a decent choice for tech-savvy users and will offer far better security than LastPass. KeePass has a good track record, and multiple cybersecurity experts have inspected the code, ensuring that it’s safe to install and use. However, other password managers offer more features in easier-to-use software.
💡 Related: How To Remember Passwords (and Secure Your Accounts) →
How Hard Is It To Switch Password Managers?
Most password managers let you export your passwords and import them to a new service. If you’re switching from LastPass to another provider, it’s easy to export your passwords in CSV format.
Start by selecting the LastPass icon in your web browser’s toolbar, and then select Log In. Sign in to your account using your LastPass master password and 2FA (if enabled).
Once logged in, navigate to Advanced Options in the left-hand toolbar. Then, under Manage Your Vault, select Export.
Enter your master password, and select Continue. The CSV file will now download automatically.
Note: This is for the latest version of LastPass. In older versions, navigate to Account Options > Advanced > Export > LastPass CSV File.
When you install your new password manager, you’ll be prompted to import previous password information. Simply select the CSV file you’ve downloaded, let the new manager import your data, and you’re all done.
The Bottom Line: Passwords Are Only Part of Your Digital Security
Choosing a password manager comes down to trust and your digital security needs. In terms of online protection, the worst thing you can do is use non-unique passwords and store them in an insecure way.
So, what’s the best LastPass alternative? Here are our final rankings, along with what type of user each password manager will likely best suit:
- Aura: For individuals and families looking for an all-in-one digital security solution (including a robust password manager) to protect their personal information online.
- Bitwarden: For users looking for a lightweight and affordable password manager.
- 1Password: For those who need an easy-to-use, advanced password manager with unique features.
- Dashlane: For businesses or advanced users looking for powerful password management features without identity theft or financial fraud protection.
- KeePass: For tech-savvy people who need a barebones, free password manager.
While password managers are essential tools, you need more than just secure passwords to keep your online accounts safe.
A comprehensive, all-in-one digital security solution can keep your passwords safe — as well as protect your devices from malware, safeguard your identity, and ensure that no one accesses your financial accounts without you knowing.
Aura’s powerful password manager will help store and generate strong passwords. But it’s just a small part of the rich, proactive feature set that makes Aura an award-winning digital security solution.