LastPass vs. 1Password: should you switch?
In light of LastPass breaches, it's hard to recommend it as a password manager. But is 1Password a worthy alternative?
LastPass and 1Password are two of the most popular password managers, and for good reason. They each offer a robust suite of security tools to protect your passwords, They are also readily accessible across difference devices, boasting such features as autofill, app support for a range of operating systems, and handy password generation.
But security breaches have brought the reputation of LastPass into question, making the LastPass versus 1Password head-to-head comparison all the more relevant.
Should you use LastPass?
Before we dig into the specifics of how these two password managers compare, we need to address the elephant in the room: is LastPass safe to use?
LastPass suffered a series of security incidents in 2022 that lead to the theft of customer names, email addresses, billing addresses, partial credit card numbers, and encrypted user data, including login usernames and site passwords. Although none of the user password data was stolen in a readable form, its security is entirely dependent on the strength of the user’s master password and how strongly it was encrypted.
That led major security outfits and researchers to condemn LastPass, and recommend that no one use it, even encouraging existing customers to migrate to other services.
Although LastPass is likely a better solution than not using a password manager, it is probably best to use a competing password manager until LastPass can be confirmed as a safe and secure platform for password storage again.
Password protection
The most fundamental feature that every password manager needs to get right is protecting your passwords. Both LastPass and 1Password utilize a master password system to lock up all your login credentials in a robust digital vault.
LastPass
LastPass passwords are stored on its remote servers, but they are protected using 256-bit AES encryption. While that might be the case, security firms looking into the recent LastPass breaches found that LastPass’ hashing system for master passwords is not as strong as it could be, resulting in some researchers suggesting that a master password could be cracked for just $100.
This is a shame, as LastPass employs a “Security Challenge” that looks at the complexity of your passwords, then lets you know whether they’re strong enough, which at least encourages strong passwords. If they’re not, you can use its built-in password generator to create replacements that are far harder for humans and machines to guess.
LastPass also offers multifactor authentication using several potential options, including its two-factor solution and those provided by third parties like Google.
1Password
In comparison, 1Password stores its password data locally and only copies it to the cloud for syncing across multiple devices. Just like LastPass, it encrypts all data before it leaves your PC with 256-bit AES encryption, so even if someone were to gain access to it, they wouldn’t be able to read it.
1Password/1PasswordAlong with a master password, 1Password utilizes a “secret key” that never leaves your login devices and is required for logins. That holds some advantages over multifactor authentication, though it does mean that 1Password does not have the option of hardware- or software-based third-party authentication systems. It does offer fingerprint logins for those who prefer to use biometrics to authenticate themselves.
And 1Password also helps you generate new passwords based on your preferences, using combinations of words, digits, and symbols with a customizable length.
In case you ever lose your login credentials, 1Password offers an “emergency kit” PDF file that you can store digitally or print off. It contains every credential you need to gain access to your account, so it’s best to store it somewhere very safe. Still, it provides a real-world backup should you forget your master password or other related login information.
Features
Both LastPass and 1Password support a variety of platforms, including Windows, Mac, Linux, iOS, and Android, though LastPass has a slight edge with the addition of WatchOS support. Both password managers also offer extensive browser plug-in support across Chrome, Firefox, Edge, and Safari. Finally, 1Password also supports the Brave browser, while LastPass also supports Opera.
LastPass and 1Password also both support the storage of secure documents up to a specified file size limit. Both services can store bank details, credit card credentials, and addresses.
When it comes to sharing passwords with friends and family, both services make it easy to accomplish. While 1Password offers a unique family URL for you to give different people access to your vault, LastPass provides a specially crafted sharing folder just for those family-friendly logins.
The Watchtower feature offered by 1Password is one that often sets it apart from the competition. It keeps an eye on websites that have been hacked, and if you have an account on them, it will let you know you need to change your password. LastPass offers something similar, but it’s not quite as accessible, as it’s only available within the “Security Challenge” tool.
LastPass’s solution, however, does warn you of reused passwords and any you have stored that it considers weak, prompting you to use the best personal security practices.
Ease of use
An intuitive, clean user interface is paramount for any application, password managers included. Although it is somewhat more subjective than the other categories in this comparison, it’s still an important consideration to make.
We found 1Password’s interface almost too clean, with large white spaces in both its online and offline tools that leave you clicking through successive menus to find what you’re looking for while you’re still learning how it works. Everything is laid out neatly, but it’s not immediately obvious where everything is.
LastPass, on the other hand, was a breeze. Its extension-focused platform, clearly color-coded menu system, and use of more common multifactor authentication devices meant we felt immediately more at home using it than we did using 1Password.
Pricing
In terms of cost, 1Password offers a 30-day free trial for its services, but no permanent free solution. If you want long-term password storage and security with 1Password, you need to cough up $3 a month for a personal account, paid annually. That gets you a single login for unlimited devices, with access to the apps and web app, a gigabyte of secure document storage, and 365-day item recovery.
For a more expanded account, the 1Password family option is priced at $5 a month and gives you similar capabilities, with up to five different logins — additional ones can be had for $1 a month each. You get everything in the personal account, plus password sharing, permission control, and an account recovery system.
On the other hand, LastPass has a permanent free account system that gives you password storage for one user and access to its online extension, multifactor authentication, and its secure notes storage. Even if you sign up for the free version, LastPass allows you to try the Premium service for 30 days.
The upgrade, which you can keep for just $3 a month, includes a gigabyte of encrypted file storage, increased priority from tech support, emergency access, and password sharing — all features we feel are worthwhile if you like the Premium version better.
LastPass offers another tier geared toward families. If you choose the “Families” option, you’ll be able to share your account with up to six people; even the premium features can be accessed on every account. This tier is just a little more than the Premium version at a cost-effective rate of $4 a month.
LastPass is simply more cost-effective than 1Password regardless of the level you select. Though both LastPass and 1Password offer individual and family plans that have similar features, LastPass is the more affordable choice.
Overall winner: 1Password
As much as the product LastPass offers is competitive in features and pricing, 1Password is almost as good, and it hasn’t suffered the major breaches that LastPass has. Until LastPast can clean house and demonstrate that is a secure and safe password manager again, it’s impossible to recommend.
Today's tech news, curated and condensed for your inbox
Check your inbox!
Please provide a valid email address to continue.
This email address is currently on file. If you are not receiving newsletters, please check your spam folder.
Sorry, an error occurred during subscription. Please try again later.