LastPass Review: Features, Pricing, Pros and Cons (2025)

Updated on
July 16, 2025
10 min
read
Aditya Santhanam
Founder and CTO, Infisign
Contents
Neque porro

Key Takeaways:

  • LastPass's primary products are its password management solutions. These are tiered for personal, family, and business use cases.
  • In addition, the platform's portfolio extends beyond basic password storage. It includes advanced features like a Security Dashboard, which lets users look into their password strength. It also has dark web monitoring for compromised credentials and secure sharing capabilities for teams and families.
  • Consequently, despite its functional strengths, the company's history is permanently marked by the 2022 breach. In this event, attackers not only got into a development environment but also successfully exfiltrated backups of all customer password vaults.
Pros:
  • Intuitive User Interface: The browser extensions and mobile applications are widely praised. For example, they are considered simple and intuitive. They are also easy to navigate.
  • Complete Set of Features: LastPass has a mature and extensive list of features. These include strong administrative controls, detailed security policies, and directory connections for businesses.
  • Good Tools for Collaboration: These help users hand out passwords and other credentials securely. This can be done among family members or within business teams, which can set up shared folders with specific permissions.
  • Strong Business Admin Controls: For enterprise customers, LastPass has a powerful administrative console. It comes with specific controls and extensive policy options. It also has advanced reporting features.
  • Smooth Syncing Between Devices (Paid Plans): For paying subscribers, the automatic synchronization of vault data is a main strength. This syncing happens without interruption across an unlimited number of devices. 
Cons:
  • Catastrophic Security History: The 2022 data breach was a major security event. In fact, it resulted in the theft of the entire customer vault database. On top of that, this is compounded by a history of other security incidents.
  • Widespread Loss of Trust: There is a significant and justifiable trust deficit among cybersecurity professionals. As a matter of fact, many of them now consider the brand synonymous with security failure.
  • Poor Customer Support: Customer support is widely reported to be inaccessible and ineffective. This is especially true for individual and free users. It is described as a nightmare. This is particularly the case for important issues like account recovery.
  • Highly Restrictive Free Plan: The free version has a major limitation. It is restricted to a single device type. This can be either mobile or computer, but not both. This is a severe drawback that makes it impractical for the vast majority of modern users.
  • Product Instability and Bugs: Users on community forums frequently report that they run into persistent technical glitches. These include recurring login loops that lock users out of their accounts. They also mention synchronization failures and a buggy autofill feature that fails to work correctly.

LastPass uses a freemium and subscription model. It is known as one of the most historically significant players in the password management and IAM software market. However, its reputation is now defined by a stark and polarizing divide.

What is LastPass?

LastPass is a cloud-based password management service that lets users store their digital credentials in a centralized and encrypted digital vault. These credentials can be passwords, passkeys, credit card numbers, and secure notes. 

The entire platform is built upon a zero-knowledge security model. In theory, this model was designed to make certain that LastPass itself never has access to a user's master password. It also prevents access to the unencrypted contents of their vault. Instead, all encryption and decryption processes are meant to happen locally on the user's device.

The service inspects web forms. It then automatically saves and fills in login credentials. This is intended to stop password reuse. It also removes the need for manual typing. Its main services are delivered through browser extensions, mobile apps, and a desktop application. These are all intended to present a smooth and synchronized experience for paid users across all their devices.

Usability and Interface

  • End-User Experience: Generally speaking, the end-user experience through the browser extension is considered a primary strength. It is frequently praised in reviews for being intuitive and simple. This makes it highly accessible for non-technical individuals. The in-field icon helps autofill credentials. It also gives access to the password generator. Altogether, this makes the login process smoother for users.
  • Administrative Console: For business users, the administrative console is a key feature. It allows for centralized management of users, security policies, and shared folders. Professional reviews on platforms like G2 point out the dashboard's effectiveness. Still, some criticisms mention a desire for a more polished interface. The ability to apply over 100 different security policies is a significant draw for enterprise clients.
  • Performance: The platform's performance gets mixed reviews. Synchronization for paid users is typically without interruption. On the other hand, there are notable reports of bugs and inconsistencies. Users frequently complain about a clunky web vault experience when compared to the browser extension. They also bring up a dated interface design and persistent issues where autofill breaks or fails to save new passwords correctly.
  • Reliability: The platform's reliability is a point of major contention. Business-centric review sites paint a picture of a dependable tool. In contrast, community forums are full of complaints. Users say they run into recurring login loops that lock them out. They also report synchronization failures even for paid accounts, and other persistent glitches. 

Mobile App (iOS & Android)

The LastPass mobile applications for iOS and Android are necessary clients. They give full vault access. They also have password generation and autofill capabilities on mobile devices. In late 2023, LastPass announced a significant redesign of the user interface for these apps. This change was intended to modernize the look and feel. It was also meant to improve usability. 

  • For iOS and Android users, the mobile apps are generally found to be dependable. They work well for the main tasks of accessing and using credentials while on the go. They support various authentication methods. These include biometric options like fingerprint and facial recognition. They can also be set up for passwordless login to the vault.
  • However, the mobile experience is directly tied to the platform's broader issues. The most significant issue for many is the Free plan's restriction. Since March 2021, this has limited free users to a single device type. This means a free user cannot use both the desktop extension and the mobile app. This severely fractures the user journey. It also makes the mobile app useless for a desktop-primary free user. On top of that, security researchers in 2021 discovered multiple third-party trackers within the LastPass Android app, which raised privacy concerns among users.

Key Features of LastPass

The LastPass platform contains a wide array of security and convenience features. These are designed to cater to a broad spectrum of users, from individuals to large enterprises.

1. Fundamental Password Management

To begin with, the foundation of LastPass is its main feature set. It is designed to make password hygiene simpler. 

  • This includes a secure Password Vault. The vault acts as a central repository for an unlimited number of items. These items include not just passwords but also secure notes, addresses, and financial information. 
  • The primary convenience features are Save & Autofill. With this, the browser extension automatically captures and fills in login credentials. 
  • It also includes a strong Password & Username Generator. This tool creates strong, unique passwords up to 99 characters long. This helps users cut down on credential reuse. It can also generate random usernames for greater online privacy.

2. Additional Security Tools

On top of that, LastPass builds upon its fundamental functions with several advanced tools. 

  • The Security Dashboard is a very important feature. It analyzes all passwords in the vault. It then flags any that are weak, reused, or old. It also gives an overall security score with direct links to change the compromised passwords. 
  • The platform also has Dark Web Monitoring. This feature actively scans data dumps for user email addresses. It then sends an alert if credentials are found in a third-party breach. 
  • Another key feature is Emergency Access. This works as a digital will. It lets a user grant a trusted contact one-time access to their vault after a certain waiting period. This lets loved ones take over digital assets in an emergency.

3. Authentication and Access Control

LastPass supplies multiple layers for securing vault access. It supports a wide range of Multi-Factor Authentication (MFA) methods. This includes its own LastPass Authenticator app for push notifications. 

  • LastPass also has compatibility with TOTP apps like Google Authenticator, SMS codes, and biometrics. In addition, it supports Passwordless Login. This allows users to get into their vault with biometrics or a push notification instead of typing the master password. 
  • For businesses, Advanced MFA options introduce contextual access policies. These policies are based on geography, IP address, or device type. These can also extend MFA protection to workstations and SSO applications. 
  • Notably, these advanced security features have historically been put into higher-priced tiers or sold as paid add-ons. This practice raises concerns about the company charging extra for necessary security controls.

LastPass Pricing

LastPass uses a tiered pricing model. In this model, it separates its products into Personal and Business categories. The features and limitations of each tier are important factors when you want to size up the product's overall value. To put it simply, the value you get out of each tier is very different.

Personal Tiers:

  • Free: The Free plan costs $0. With this plan, you get unlimited password storage and the security dashboard. However, it comes with a major handicap. It is restricted to only a single device type, which can be either computer or mobile.
  • Premium: The Premium plan is priced at $3.00 per month. Generally, this is the main product for individuals. To begin with, it removes the device-type restriction. In addition, it adds key features. These include 1 GB of encrypted file storage, one-to-many sharing, and emergency access.
  • Families: The Families plan costs $4.00 per month. This plan gives the best value for households. For instance, it contains six separate Premium accounts. It also has a central dashboard. This dashboard lets a family manager look after shared folders for household accounts.

Business Tiers:

  • Teams: The Teams plan is set at $4.25 per user, per month. It is designed for up to 50 users. This plan introduces business features. For example, it includes a central admin console for user management. It also has shared folders with permissions, 25 configurable security policies, and basic activity reporting.
  • Business: The Business tier is priced at $7.00 per user, per month. This plan is aimed at larger businesses. It expands capabilities in a big way. For instance, it comes with over 100 security policies and advanced reporting.
  • Business Max: The Business Max plan costs $9.00 per user, per month. This is the top-tier plan available. First, it includes all the features from the Business plan. On top of that, it adds advanced security and compliance tools. Some key additions are unlimited SSO applications and advanced MFA capabilities with contextual policies. 

LastPass Reviews and Ratings

The market perception of LastPass is deeply and critically divided. This shows a chasm between formal business reviews and the sentiment of the broader user community.

Gartner and G2 (Professional Platforms):

On one hand, LastPass continues to perform very well on professional software marketplaces. This is particularly true with business users.

  • On Gartner, for example, it holds a 4.0 out of 5-star rating. 87% of these reviews are either 4 or 5 stars.
  • Reviewers praise its ease of use, deployment, and strong team sharing capabilities. On G2, it has consistently been rated a Leader, even after the 2022 breach.
  • Here, users highlight the effective admin dashboard and intuitive interface. These platforms paint a picture of a mature product that solves business challenges effectively.

Reddit (Community Forums): 

On the other hand, the sentiment on forums like Reddit is overwhelmingly negative. It is also almost entirely different from professional reviews. Discussions are dominated by the 2022 security breach.

  • Many users describe this event as an unforgivable failure for a security company. The most common themes are a complete loss of trust. 
  • Some IT professionals even state that recommending LastPass is irresponsible. Other themes include complaints about abysmal customer support. The broken account recovery process is a particular point of frustration. 
  • This unfiltered user voice reveals deep-seated frustration with both the product's security and its support system.

Overall View of LastPass

In summary, LastPass is a platform of profound contradictions. It is a feature-rich, highly usable password manager. In the past, it played a major part in bringing the technology to a mass audience. Its user interface is often lauded as a key strength. This makes it accessible to those who are not technically inclined. For businesses, its specific administrative controls and detailed policy options remain a compelling draw.

For new users, the main question is whether to trust a company that is attempting to rebuild from a deep trust deficit. 

This is especially true when credible LastPass alternatives with clean security records exist. As a result, the product's value is now permanently entwined with its failures. That said, there are still several users more than happy to partner with the company.

Infisign: The Ideal LastPass Alternative

In contrast, LastPass struggles with a history of security failures and a restrictive free plan. Because of this, users seeking a trustworthy alternative frequently turn to Infisign. Infisign offers over 6,000 API and SDK integrations. This makes it easy to use with your existing tech stack, making it a simple IAM software to work with.

Additionally, Infisign includes advanced IAM features without any hidden charges. Some of these features are unlimited directory sync, biometric authentication, and adaptive MFA based on user roles or attributes.

  • Cost-Effective Premium Features: For users who need advanced features, Infisign's premium plans are significantly more affordable than LastPass's. This makes it the undisputed value leader in the market.
  • AI Access Assist: Infisign includes AI Access Assist. This feature allows users to add and remove users on the go through Slack, Teams, or AI chat interfaces. It also lets you automate user provisioning. This automation can be based on roles, departments, and attributes when employees are onboarded or switch teams.
  • Attribute-Based Access Control: Attribute-Based Access Control (ABAC) goes a level deeper than Role-Based Access Control (RBAC). ABAC is a feature in Infisign. It allows you to add and remove users based on specific criteria in your database. These criteria can include location, email ID, or years of experience, among others.
  • Universal SSO: Infisign uses SSO protocols like SAML, OIDC, Federation, and MPWA. This allows all users to sign into their entire tech stack with a single login attempt. As a result, it eliminates wasted time, password fatigue, and the need to reset passwords.
  • Works on Legacy, Web-Based, and On-Prem Apps: Most modern IAM software has limited functionality on outdated, on-prem, and web-based applications. 

Infisign, however, works on all of them. It achieves this using managed password web authentication and network access gateways. This provides centralized access control for all your applications.

  • Adaptive MFA: Standard MFA always requires a second step. In contrast, Adaptive MFA looks at the context of a login, such as the user's location and device. As a result, it only calls for extra verification when a situation seems unusual. This makes access smoother for regular users.
  • Passwordless Authentication: Infisign lets users sign in with biometrics, push notifications, or physical passkeys instead of a password. This method does away with the security risks that come from weak or stolen passwords.
  • Automated Audit Trails: The system automatically records all access and permission changes. It stores them in a detailed log that is easy to search. This helps companies keep up with IAM compliance and avoid heavy fines.
  • Just-In-Time Access: This feature gives a user temporary, high-level access to a specific application. This access is only for a limited time. Because of this, it lessens security risks by getting rid of permanent privileges that could be misused.
  • Clean Security Record: Infisign has no known history of breaches. This gives users peace of mind. They know that its security model and protocols have successfully protected user data, a claim LastPass can no longer make.

To sum up, for users prioritizing security, transparency, and value, Infisign comes as the ideal choice.

Want to see Infisign in action? Book a free demo call with our team!

FAQs for LastPass

What is LastPass's main method for security?

LastPass's main method for security is based on a zero-knowledge model. In short, this model is designed to make certain that all encryption and decryption of user vaults happen locally on the user's device. The user's master password, which is never sent to LastPass, is used to generate the encryption key. 

What are the main products sold by LastPass?

LastPass's main products are its tiered password management plans for personal and business use. To break it down, these range from a highly restrictive Free plan to Premium and Families plans for individuals. They also include Teams, Business, and Business Max plans for businesses. These products include features like a password vault, autofill, a password generator, a security dashboard, and secure sharing.

How does LastPass's system benefit companies?

For companies, LastPass's system brings benefits through its centralized administrative console. Also, administrators can apply over 100 different security policies. They can also create shared folders with specific permissions for teams. Moreover, they can connect with directory services like Microsoft Entra ID and Okta for simpler user management.

What are some common criticisms or challenges with LastPass?

Generally, common criticisms include its 2022 breach which exposed all customer vaults, is a particular point of concern. Other major challenges people bring up are the widely reported abysmal and inaccessible customer support. There is also a highly restrictive free plan that limits use to one device type. Finally, users report persistent technical glitches like login loops and buggy autofill behavior.

Set up
Instant access with SSO in just 4 hours!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Unify Legacy and Modern Apps With an IAM That Simplifies Access Control.

Get a Free Trial

Similar articles

10 mins

MiniOrange Review 2025: Key Features, Pricing, Pros and Cons

MiniOrange offers IAM, PAM, and CIAM solutions. Explore MiniOrange's features, pricing, reviews, and pros and cons to decide if it fits your business needs.
12 mins

Frontegg Review 2025: Key Features, Pricing, Pros and Cons

Frontegg provides solid CIAM for B2B SaaS with reliable support and developer tools. Read our 2025 Frontegg review on UX, pricing, workflows, and features.
10 mins

CyberArk Review 2025: Key Features, Pricing, Pros and Cons

CyberArk specializes in the PAM landscape. Explore CyberArk's features, pricing, alternatives, pros and cons to make a better decision for your business.

Enter the future of digital security.

Experience AI-enhanced IAM capabilities and better security.
Checkmark
Reusable identity
Checkmark
Zero-Knowledge Proofs
Checkmark
Zero Trust practices
Checkmark
AI Agents
Get a Free Trial
Book a Demo Call
Download Infisign Wallet on
Features
Single sign-onPasswordless AuthenticationZero Trust AuthenticationDecentralize IdentityMulti-Factor AuthenticationPrivileged Access Management
Products
Infisign IAM SuiteUniFedInfisign SSO
Company
About Us
Resources
BlogCompetitor Reviews
Competitors
Infisign vs OktaInfisign vs LastpassInfisign vs Red HatInfisign vs Azure ADInfisign vs Cyberark
Join Our Mailing List
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
+1 (862) 386 8165
22 Henry Road, Branchburg, NJ 08876
demos@infisign.io
© 2025 by Infisign. All rights reserved.
Privacy Policy
Terms of Service
Terms of Use
Trust