Despite the best efforts of software and security professionals, many growing businesses share logins between users, usually as a cost-reduction effort. But securely sharing unique, complex passwords is nearly impossible without password manager software.
Sharing passwords via insecure methods (writing them down, emailing them, or storing them in a spreadsheet) increases the likelihood that those passwords, and the data they protect, will be exposed to hackers. A data breach in the US in 2019 cost companies an average of $8.19 million, nearly twice as much as the global average. Password manager software can reduce the risk of exposure.
Password managers were originally created to solve the problem of creating unique, secure passwords, and then remembering them. Businesses of all sizes now adopt enterprise-wide password management tools to create and administer a corporate password policy where users securely share passwords to decrease the likelihood of a breach.
Choosing the best password manager for your business can be difficult, especially when you try to satisfy everyone in your company. This article will focus on two enterprise password management leaders: 1Password and LastPass. We’ll provide an overview of each platform and then compare 1Password vs. LastPass pricing, their differences and similarities in functionality, and each company’s approach to password security.
The latest version of 1Password is 1Password 7, which is available for all operating systems including Mac, Windows, and Linux, as well as from the command line. The accessibility of the software from all these platforms makes it an ideal product for implementation across the enterprise.
Both the individual and business-oriented plans support mobile applications for Android and iOS, which means you can access passwords stored on your computer via your mobile device. When you connect your mobile device to the internet, the app syncs with the desktop version to keep all versions up to date.
Most businesses will prefer the robust functionality and granular control offered by 1Password Teams, Business, or Enterprise, although some small businesses may get away with a Family plan. All versions include desktop and mobile applications, unlimited sharing of passwords, automatic syncing, and access control. The Business version increases data storage from 1GB per user to 5GB, provides an unlimited password history (as opposed to 30 days), and offers more options for groups, activity logging, and role-based access. Business also provides priority customer support.
LastPass is a cloud-based password management tool, so you don’t have to install a desktop app to get started. It’s available on Mac, Windows, or Linux computers, and LastPass offers extensions for major browsers including Safari, Chrome, Internet Explorer, Microsoft Edge, and Opera. These extensions make using the service easier, but they’re not required.
LastPass comes in several versions. Free, Premium, and Families tiers are for consumer use, while MFA (multi-factor authentication), Teams, and Enterprise are recommended for business use. There is also an Identity plan that combines the MFA and Enterprise capabilities.
Yes, you can use LastPass completely free of charge. But as of March 16, 2021, you will need to choose to use your account on either mobile or desktop. You also won’t be able to share passwords with other users or have access to any of the other features that make a password manager useful. But you can generate, store, and automatically fill passwords, and that’s better than no password manager at all. For very small companies or companies that are not concerned with sharing passwords across teams, the free tier is a no-excuses way to start using password management.
Business plan pricing is based on the number of users, with the Teams plan starting at 50 recommended users. All business plans include offline mode, a security dashboard, two-factor authentication, and self-guided support.
Comparing integrations and security for 1Password vs. LastPass
You’re probably reading this article because you’ve narrowed down your search for a password manager to these two options. While both applications are a strong choice, one may be a better fit for your unique situation.
LastPass has more options for directory integrations, supporting Active Directory, Okta, OneLogin, Microsoft Azure AD, and API access. Currently, 1Password supports Azure Active Directory and Okta for automated deployments.
The more fundamental difference between the two platforms is this: LastPass’s security is authentication-based, while 1Password’s is both authentication and encryption-based.
An authentication-based system checks your credentials (in this case, your Master Password) and then provides or denies access based upon whether or not your credentials match those stored by the authenticator. These credentials may or may not be stored in plain text, and there are typically backdoors that allow access in case your password is forgotten, or that allow administrators to reset passwords so you can regain access.
In an encryption-based system, resetting a lost encryption key with a backdoor method simply isn’t possible, as the key is used to generate the “code” that encrypts your data. This means that your employees will need to download and securely store their 1Password encryption key to access the system in case of a lockout. Neither you as the admin nor 1Password as the vendor will be able to access their password vault for them if they lose that key. This is why, according to 1Password, they don’t (and probably can’t) offer multi-factor authentication in the same manner as an authentication-based system like LastPass.
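The distinction described above, as an added Python sketch that is not code from this article or from either vendor. The class names, the PBKDF2 settings, the `secret_key` parameter and the SHA-256 keystream (a standard-library stand-in for a real cipher such as AES-GCM) are all assumptions made for illustration; the sketch models the two generic designs, not either product's actual scheme.

```python
import hashlib, hmac, os

def kdf(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _stream(key, nonce, n):
    # SHA-256 counter keystream: a stdlib stand-in for a real AEAD such as AES-GCM.
    return b"".join(hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(key, data):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, "sha256").digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, "sha256").digest()
    if not hmac.compare_digest(tag, good):
        return None  # wrong key (or tampered blob): nothing is recoverable
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class AuthGatedVault:
    """Hypothetical authentication-based model: the password only gates access."""
    def __init__(self, password, data):
        self.salt = os.urandom(16)
        self.verifier = kdf(password, self.salt)   # stored to check logins
        self.server_key = os.urandom(32)           # data key held by the service
        self.blob = seal(self.server_key, data)
    def read(self, password):
        ok = hmac.compare_digest(self.verifier, kdf(password, self.salt))
        return unseal(self.server_key, self.blob) if ok else None
    def admin_reset(self, new_password):
        self.verifier = kdf(new_password, self.salt)  # data stays readable

class KeyDerivedVault:
    """Hypothetical encryption-based model: the key exists only on the user's side."""
    def __init__(self, password, secret_key, data):
        self.salt = os.urandom(16)
        self.blob = seal(self._key(password, secret_key), data)
    def _key(self, password, secret_key):
        # Mix the password-derived key with the user-held secret key.
        return hmac.new(secret_key, kdf(password, self.salt), "sha256").digest()
    def read(self, password, secret_key):
        return unseal(self._key(password, secret_key), self.blob)

def demo():
    data, sk = b"constructed sample secret", os.urandom(32)
    a, k = AuthGatedVault("old-pass", data), KeyDerivedVault("old-pass", sk, data)
    a.admin_reset("new-pass")  # user forgot "old-pass"
    return a.read("new-pass"), k.read("new-pass", sk), k.read("old-pass", sk)
```

In the first model an administrator can swap the verifier and the vault opens again; in the second there is no verifier to swap, so a new password without the original inputs yields nothing.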
- For a more technical look at encryption, authentication, and authorization, see this useful piece from Boston University: Understanding Authentication, Authorization, and Encryption.
- For a useful explanation on this subject from 1Password, click here.
- In the interest of fairness, LastPass offers their take here.
If security is your only concern, 1Password’s locally installed option is certainly the way to go, but usability is just as important. For that, the cloud-based options from either LastPass or 1Password might be more appropriate, since they offer business-friendly features that help less-savvy users recover and change passwords.
Choosing the right password manager tool
In conclusion, both tools should greatly increase the security of your business data while also making it easier to create and store secure passwords. But each service is only as good as the passwords it stores. If you use weak passwords (like “password” or “1234”), write passwords down on post-its stored on the underside of your keyboard, or store plain text passwords in a spreadsheet as well as your password manager, hackers and bad actors can still access them. The software also can’t help if you commit the other cardinal sin of password management — using the same password for multiple sites.
Ultimately, the decision between LastPass vs. 1Password will come down to your unique situation — your users, your OS environment, your regulatory requirements, or your IT admin’s preference.