When it comes to choosing the best password manager, 1Password vs LastPass is one of the hottest debates in 2024. Whether you’re tired of forgetting complex passwords, juggling shared logins, or managing account access for your team, these two top contenders promise to simplify your digital life. In this review, we’ll break down the key differences between LastPass vs 1Password, so you can decide which fits your needs best. Let’s get started!
What are password managers?
A high-level definition
In the simplest of terms, a password manager is effectively a “keyring” for passwords. These apps allow you to collect and store passwords and login credentials for the systems, networks, websites, and accounts you can access, so you don’t forget or misplace them (or worse).
Sure, you could keep those passwords in something a little more low-tech (e.g., a notepad, a notepad .txt file, a spreadsheet, a sticky note, etc.). But those all come with their own issues. Issues that collectively, for the sake of brevity, we’ll summarize as “leaving the key in the lock.”
Additionally, none of those alternatives offer any real solutions to managing communal passwords (among other pain points).
Password managers help you store and organize your logins. But they also help you generate more secure passwords when creating or updating logins. Most importantly, though, they enable you to control access to the passwords so only authorized individuals can use them.
Ok, but what’s the point of a password manager?
We’ll keep this short, but it’s relevant, especially with the two brands we’re comparing below. See, passwords, like the keys we compared them to, are a security measure. And, when you get down to brass tacks, security of any kind is functionally a paradox. It’s a weird balancing act where you’re trying to ensure that some people have access to a thing while denying access to everyone else.
That may not seem too contradictory on the surface, especially when that’s why we put locks on the front door of a house. But have you ever found yourself having to unlock the door when your hands were already full? Or locked yourself out? Or neglected to lock the door?
Here’s the fulcrum of this seesaw: better security means more difficulty accessing the thing, but that difficulty also applies to those authorized to access it. And we, as humans, often seek to smooth out points of friction, especially in any process we do regularly. In other words, the higher the security, the greater the risk people will want to bypass it for convenience.
Password managers are a compromise—and a rather effective one. They seek to improve the convenience of authorized access while minimizing how much that convenience impacts security. They make protection easier to implement and use.
LastPass overview
Enough preamble; let’s get into the meat of this discussion with our first competitor.
LastPass is a cloud-based password manager. That means you can open your LastPass vault from anywhere via a web browser, just as you would with your CRM or project management account.
We’ll discuss and compare some of LastPass’s less obvious advantages in a moment, but the two value props they place front and center are the above-mentioned “access from anywhere” cloud hosting and the free user tier.
In a nutshell, if you’re using a password manager for your accounts and devices, LastPass is more than enough to cover standard security concerns, and you can use it for free.
1Password overview
By contrast, 1Password is an app-based manager. Your sensitive data is encrypted and stored locally before syncing to your cloud-hosted vaults.
This tech tool offers a more premium solution and user experience than most competitors. As expected, this means that there’s no freemium version. You can try it free for 14 days, but after that, you’ll either need to start paying or abandon ship.
Among the many advanced features 1Password boasts, it’s broadly accepted that its crown jewel is the Watchtower functionality. This security monitor can help you track the strength and vulnerability of passwords, logins, and other things, reporting the highlights to you in a convenient dashboard.
What platforms are 1Password and LastPass available on?
In the strictest sense, both LastPass and 1Password are available everywhere. Both support browser-based access, meaning you can technically access them from anywhere. Both have dedicated mobile apps. That’s where the similarities end, however.
1Password is, first and foremost, app-based, even on desktops. It’s available for download on macOS, iOS, Windows, Linux, and Android, as well as in the form of browser extensions and a command-line tool. And speaking of browser extensions, 1Password currently supports Chrome, Firefox, Edge, Brave, and Safari.
LastPass is primarily a cloud-based solution. That said, mobile apps are available for download on Android and iOS, and desktop apps are available for macOS, Windows, and Linux devices. There’s even a version for WatchOS (the Apple Watch operating system).
You can find the mobile apps on their respective marketplaces and the macOS version on the LastPass downloads page. For Windows and Linux, though, you’ll have to go to where dedicated desktop apps for that OS are found (e.g., Microsoft Store). Be warned, though—free users must choose between using LastPass on mobile or desktop, and they won’t be allowed access to both without upgrading.
Finally, Chrome, Firefox, Edge, Opera, and Safari browser extensions are available. Linux and Windows users who find themselves bouncing between multiple browsers can download the “universal installer” for their OS, allowing them to install the LastPass extension on all compatible browsers on their device simultaneously.
LastPass and 1Password key features
Now, let’s discuss the details that make one or the other a more appropriate choice for a given situation.
Password manager basics
The core three features of password managers are secure storage, password generation, and login autofill. Both 1Password and LastPass facilitate all three, with a few differences.
1Password
1Password stores your data locally and in the cloud, encrypted in either case. This means you can access your data anywhere and offline (provided you brought your device).
You can have the app generate passwords for you and customize the parameters (length, included characters, omitted characters, etc.) to ensure you create a password that fits the necessary criteria. And with the browser extensions, 1Password can autofill login details for you.
Some users have complained about the autofill functionality being a bit inconsistent, often requiring ad hoc adjustments or straight-up manual entry. No autofill is perfect by any means, but 1Password seems to be less consistently reliable than others.
LastPass
LastPass stores your data strictly in the cloud unless you’re using a locally installed app (mobile or desktop). That data is encrypted regardless (more on that below). This also means that you’ll need internet access to see or use your data in the vault unless you’re using one of the app versions, as mentioned.
LastPass also allows you to generate passwords and similarly facilitates customization of said passwords.
As for the autofill feature, LastPass tends to be more reliable than 1Password. It’s compatible with a wider range of websites and login portal types and more consistently enters the correct information in the right boxes. That being said, it does goof up from time to time and sometimes fails to parse separate logins for similar websites (like when more than one domain routes to a shared host for their login portals).
Ease of access and use
1Password
1Password boasts a sleek, polished aesthetic with a fairly intuitive menu and interface design. It allows users to organize their data into folders and to group folders into separate vaults. This can simplify password sharing, control access, and even help improve security during travel (more on that later).
The apps and browser extensions integrate with a host of 3rd-party systems (more on some of those below), including biometric login functions on the local device (face ID, fingerprints, etc.). You can upgrade to include SSO and 2FA if needed, as well.
Finally, due to its methodology and focus on app-based solutions, you can always access your login data, no matter where you go, even offline.
LastPass
LastPass is available from anywhere you have an internet connection. While that’s not unique (even in this comparison article), LastPass does a better job prioritizing this convenient access, making the process of using your login data less of a challenge. While it doesn’t support multiple vaults, you can still organize logins into groups and sub-group folders, making sharing and controlling multi-user access easier (again, more on that further down).
The solution also has features tied to “emergencies”: namely, providing one-time access to a trusted contact should it be needed, and a “digital will” that provides wholesale authorization should it be necessary.
You can set up passwordless vault login and federated login, and you can even extend the MFA you’ve set up for LastPass to the entire workstation on which it’s installed.
Support and service
1Password
24/7 support is available from 1Password at every tier. However, that support is limited to the resource library and email/forum/social media interactions for all but Business and Enterprise subscribers. Dedicated account management and customized onboarding are similarly reserved for the top tiers.
LastPass
LastPass is more generous with its support. While free users are limited to the LastPass Community forum and other assets in the resource library, and customer success managers are likewise unavailable to all but the highest tier, you can get support from a living, breathing human starting with the first paid tier.
Management and productivity
1Password
If you want to implement a manager across an entire organization, 1Password has the lion’s share of advantages here. 1Password Developer allows your team to tailor and make customizations that are specific to your team. Sharing passwords is (if a little cumbersome to implement) a lot easier to supervise and manage, with options to limit how long passwords are accessible, manually expire passwords, and even review the history of shared items. Plus, you can share passwords even with users without a 1Password account.
With 1Password, you can use Watchtower to create security alerts and prompt users to address issues related to weak/expiring passwords and 2FA availability. You can also recover accounts if a team member gets locked out (an occasional concern, especially if a team member abruptly leaves).
However, you’ll have to upgrade to “Business” or “Enterprise” if you want to use the advanced security monitoring for the whole team or create vault permissions, create/manage custom user groups, or customize business reports.
LastPass
This is one area where LastPass lags to a degree. While sharing passwords with LastPass is much easier, it can only be done via their encrypted system with other LastPass users, limiting its usefulness somewhat.
Beyond that, most admin features like custom user management, user groups, the admin console, etc., are restricted to higher tiers (“Family” for personal use and either “Teams” or “Business” for commercial use). It’s a drastic enough comparison that if team management is your biggest concern, we can suggest opting for 1Password instead.
Still, “Business” level users get “Family” level plans for all users’ personal use as a freebie.
Advanced and eclectic tools
1Password
This is an area where 1Password shines, especially if you have a large contingent of capable software engineers (or similar; they go by many names). With advanced developer tools, integrations, and interoperability with 3rd parties like SIEM tools, and options for creating a host of provisions and custom policies, there’s plenty to choose from.
Of particular note are their Watchtower and Travel Mode features.
The latter is a proactive security measure you can leverage if you have to take a trusted device on the go. You can set specific passwords and vaults as “travel safe” or “private,” allowing you to hide some (making them both invisible and inaccessible) while maintaining access to others. If an unauthorized individual gets access to your device, Travel Mode will ensure that only the visible data can be compromised.
The former is a security dashboard that can help identify issues and potential vulnerabilities. Things like weak passwords, underutilized 2FA, and so forth will all trigger alerts and prompts to remedy the problem. Moreover, you can set Watchtower to issue reports to increase visibility to the admin staff and help you correct course before things get unmanageable. Better still, it actively checks and alerts you regarding potential breaches.
It’s worth noting here, however, that while Watchtower can alert you to many potential threats and risks, it does not monitor everything automatically. Specifically, users report that Watchtower does not monitor email accounts, and you’ll have to check those by hand to see if they’ve been compromised.
LastPass
Not to be outdone, LastPass also has a few unique tricks up its sleeve. As mentioned, its sharing features are more user-friendly. Free-tier users can share any and all of their passwords and saved items with a single trusted individual. Paid users can share “one-to-many” with a potentially unlimited number of shared folders.
Moreover, the security dashboard, offline mode, and dark web monitoring features are all available at every tier (even free users). These are less robust than 1Password’s Watchtower but still provide valuable insight into your vulnerabilities (and it’s hard to argue with a price of “free”).
LastPass also has some rather compelling authenticator options. It offers a dedicated authenticator app, and there’s even a version of said app for Apple Watches. If those aren’t to your liking, you can implement 2FA via SMS, voice verification, and more. And the majority of these added verification features are available on all (or almost all) user tiers.
Price and value
Here is where 1Password loses some of its lead, and LastPass regains some ground. While both have a variety of pricing tiers to suit different use cases, only one offers a free tier, and full access to the entire LastPass feature set is considerably cheaper than it is with 1Password.
LastPass also has higher head counts than 1Password, either included in the flat fee or as a limit before needing to pay for upgrades or add-ons (6 vs. 5 for family plans, 50 vs. 10 for starting team plans), making it a better value on multiple fronts. 1Password does offer the option to pay month-to-month, though, which is something that LastPass does not. Here are the details.
1Password
There are five subscription tiers for 1Password, with two labeled as “personal” and the other three as “business.” Worth mentioning is how many of the features we lauded above are reserved strictly for the business tiers, including the entirety of Watchtower’s functionality.
- Individual: $3.99/month, or $2.99/user/month when billed annually
- Families: $6.95/month, or $4.99/month when billed annually (covers up to 5 family members)
- Teams Starter pack: $19.95/user/month even when billed annually (covers up to 10 users per month)
- Business: $9.99/user/month, or $7.99/user/month when billed annually
- Enterprise: by quote
LastPass
- Free: one user, no monthly fee, in perpetuity
- Premium: $3/month, billed annually
- Families: $4/month, billed annually (covers up to 6 family members)
- Teams: $4/user/month, billed annually (for 50 users or fewer)
- Business: $7/user/month, billed annually (for an unlimited number of users)
Comparing integrations for 1Password vs. LastPass
We’ve covered a lot of this already, but for thoroughness, let’s review these rapid-fire style.
1Password
- The locally installed app is available on iOS and Android, as well as Windows, macOS, Linux, and even the command line.
- Browser extensions are available for Chrome, Firefox, Edge, Brave, and Safari.
- SSO/MFA/Passwordless login integrations are available across most major hardware and digital platform options.
- Developer integrations like IDE extensions, CI/CD integrations, and IaC integrations, plus developer tools and SDK support so you can customize as needed.
- Provisioning with Azure AD, Google Workspace, Okta, and more.
- Stream to SIEM tools like Sumo Logic, Panther, Elastic, and Splunk.
LastPass
- Locally-installed apps are available on iOS, WatchOS, Android, Windows, macOS, and Linux.
- Browser extensions are available for Chrome, Firefox, Edge, Opera, and Safari, and universal installers are available for Windows and Linux.
- Hardware interoperability, such as support for biometric authentication and workstation authentication.
- Software and digital integrations like added MFA for VPNs, SAML protocols, SSO support, directory integrations, federated login, and more.
- Options available for custom API support.
Comparing security for 1Password vs. LastPass
This is the really complex portion of the topic: it is both the hardest to explain if you don’t already have a solid grounding in it and the one that we are the least qualified to speak on as authorities. In other words, we can describe how the car works and do our best to make it easy to understand; just don’t ask us to build a car ourselves.
Security basics and data encryption
1Password
1Password uses end-to-end encryption with two encryption layers. This is an incredibly reductive description, but they first lock up the password data using a 128-bit key, and then encrypt it. Imagine locking a vault and then locking the vault’s key in a different vault.
The encryption is “end-to-end,” meaning it’s protected locally (so people can’t just check your hard drive and pull the plaintext), it’s protected in their cloud servers (guarding against a breach), and it’s protected in transit (so there’s less risk of someone trying to catch the data as it’s traveling over your internet connection).
Critically, 1Password never stores your password itself, limiting the potential for exposure.
You can turn on additional authentication requirements, like 2FA, for added protection.
LastPass
LastPass similarly adheres to “Zero-Knowledge Security,” preventing even LastPass from seeing your data. All encryption happens “at the device level.” This means that things are “locked up” before they leave your device, so LastPass never even sees the plaintext version of your data, let alone stores it.
LastPass also similarly uses a second layer of encryption, but in this case, the encryption key is your master password (well, you know, plus lots and lots of complicated math).
You can turn on additional authentication requirements, like 2FA, for added protection.
Advanced tools and support
1Password
The Watchtower feature scans for and alerts you to potential breaches (among other problems), though this doesn’t include email accounts.
1Password also periodically removes data from your clipboard and always requires you to activate the autofill manually, preventing data from being displayed unnecessarily.
Finally, you can leverage Extended Access Management (XAM) through 1Password, further protecting you and your organization.
LastPass
Dark web monitoring, multi-factor authentication support, and prompts to improve password hygiene are all baked into LastPass, with most of these bonus features available to even free users. Secure sharing is more straightforward than with 1Password, and there are provisions for emergencies where you might not be able to provide authorization.
History of breaches
As we near the end of this article, it’s probably prudent to mention actual security breaches.
1Password has, as of this writing, never experienced a security breach. They’ve never been compromised directly. That being said, there is the possibility that individual users have been compromised. If a user has their passwords stored locally on their device and isn’t diligent with their habits regarding password hygiene and device safety, there’s a non-zero chance that an unauthorized user seized an opportunity to use an unattended device and gained access.
LastPass, on the other hand, has experienced two as of this writing: one in 2015, and one in 2022. We’d like to hasten to clarify a bit on both, though.
The 2015 breach was physical theft. A hard drive was stolen directly from a LastPass facility, an occurrence that is rare and easy to achieve under normal conditions. The hard drive also did not contain any encrypted data.
The 2022 breach resulted from an aggressive, targeted, protracted effort to gain access to sensitive data by compromising a staff member’s personal device and escalating access privileges from there. Attacks of this caliber are often called Advanced Persistent Threats (APTs).
In the latter case, LastPass’s response was both dramatic and quick. Where most breaches are kept under wraps by corporations for months or years before notifying the potential victims, LastPass disclosed the event nearly immediately and took steps to overhaul both policy and architecture rapidly. The result was a separation from the company that had previously acquired them, the encryption of all previously non-encrypted data, and the commissioning of a fully dedicated Trust and Security team.
In other words, their record isn’t spotless, but their response to issues has been clear and decisive. It’s a far cry from “whoops, we leaked 1 billion accounts” or “whoops, we leaked the credit scores of ⅓ of all US citizens; sorry about that.” If it says anything, some of us still use LastPass in personal contexts due to their encouraging approach to disaster response.
Choosing the right password manager tool
Now that we’ve covered a novella’s worth of discussion on the matter, hopefully, the value points will be pretty straightforward and the shortcomings equally obvious. But since every good dissertation needs a conclusion, let’s break it down into a few bullet points:
LastPass “wins” in the following areas:
- Cost and value
- Ease of use
- Convenience
They also earn bonus points for considerations relevant to personal use (e.g., emergency access), and for offering prompt transparency when most other brands delay responding to a breach.
1Password “wins” in the following areas:
- Team productivity
- Flawless security record
- Enhanced developer tools
- Broader and more robust security options
Our final verdict: we recommend LastPass for the following use cases:
- Personal/family use
- Low-security implementations
- Teams with tight budgets
- Teams with larger headcounts and/or higher turnover rates
And we recommend 1Password for the following:
- Higher security demands
- Technical staff
- Complicated deployments
- Highly distributed teams (particularly with sensitive data or BYOD policies)
But remember—our advice is worth what you pay for it. Or, at least, this writer’s advice is worth what you pay for it. So don’t hesitate to try things out and do some additional digging before fully committing.
Frequently Asked Questions (FAQ)
Got more questions? Hoping Google will just serve you up the short answer rather than make you read *gestures to the lengthy article* all of this? We’ve got you covered.