
Can LastPass Be Trusted? Is It Safe for Storing Passwords Securely?


Dave Miller – Tech Enthusiast & Security Expert – January 6th, 2022


Without a password organizer, keeping track of dozens or hundreds of secure, distinct passwords is impossible. LastPass, which was founded in 2008, is a cybersecurity warrior and among the most feature-rich security tools available. However, can LastPass be trusted? Is it safe for storing passwords securely?

It has multi-factor authentication, is compatible with a variety of systems and browsers, and is simple to use. Even more, there’s a friendly free version of LastPass to check out. So, I’ll give you a comprehensive LastPass evaluation so you can see how wonderful it is.

LastPass Premium includes cross-platform synchronization, safe sharing, a robust password analysis, and dark web surveillance, among other things. Unfortunately, a modification in device synchronization rules renders LastPass’s free version nearly worthless for the majority of users. LastPass is indeed an Editors’ Choice password manager for its simplicity of use and functional properties. However, it is no longer recommended for free users.

LastPass has been extensively investigated, and everything has been included in this post. Keep reading to discover all you need to know regarding this product’s safety, ease of use, cost, and much more. First, let’s look at how effectively this password manager works and whether LastPass can be trusted for securely storing passwords.


LastPass Password Manager: Quick Pros & Cons


Pros

Cons

LastPass Free Vs. Premium Vs. Family

Consumers may choose from three plans: free, premium, or family. The free version contains all of the typical password manager functions and a few extras that other services charge for. For example, LastPass’s free edition includes auto-filling, password generation, one-to-one sharing, encrypted notes, a strong password report, and multi-factor authentication compatibility.

Regrettably, LastPass has revised the requirements for free users when it comes to device synchronization. Free accounts could formerly sync credentials across any device supported by LastPass, both mobile and desktop. Now, LastPass allows free customers to sync credentials among either computers (browsers, desktops, laptops) or mobile devices (phones, tablets, and smartwatches), but not both. LastPass’s free version is significantly limited as a result, and it is no longer one of my current favorites for free security tools.

Can LastPass Be Trusted for Storing Passwords?


You may be wondering whether LastPass can be trusted for storing passwords securely. LastPass is a closed-source password manager, so I understand the concern. Furthermore, they never contacted third-party auditing firms to confirm that they were functioning safely. For almost everything they claim, you’ll have to take their word for it. Finally, the corporation was the target of a sophisticated hacking effort, which didn’t help matters.

LastPass encrypts your vault with military-grade AES-256-bit encryption. The vault can only be unlocked with your master password, which is never sent directly to LastPass. According to the privacy policy, LastPass only receives data that has already been encrypted on your local device, and only those encrypted pieces of data are delivered to their servers. Because of the different hashing techniques, even its engineers cannot decrypt it at will. It implies that everything you save with LastPass is secure.

Can LastPass Get Hacked?

In 2017, Google Project Zero researcher Tavis Ormandy discovered a weakness in the LastPass browser extension that could be used to steal user data. The vaults were safe. On the other hand, the vulnerability allowed for the retrieval of encrypted user master passwords, email accounts, and login reminder questions. By misusing the recovery methods, a hacker might get access to someone’s LastPass account.

LastPass’ primary servers were hacked in 2015, and they were forced to shut down. Hackers attempted to get access to LastPass servers to obtain user passwords and other data. However, there is some good news: the hackers’ attempt to obtain credentials failed. They could get user email addresses, login hashes, and password reminders, though.

Hackers can use the verification hashes to find a way into accounts. As a result, when users’ master passwords were hacked, LastPass asked those users to change them again. However, the corporation still requires customers to update their master passwords regularly.

What Security Measures Does LastPass Take To Protect Your Passwords?

LastPass is an excellent password manager that stores your passwords in an encrypted vault on your devices (phone or PC). Unless someone possesses the master password, no one can enter this protected vault. The encrypted vault begins syncing with all compatible devices instantly by sending its information to LastPass servers.

LastPass can help you protect your passwords from attackers in this manner. However, understand that you are only as safe as your passwords, so choose a master password that is difficult for attackers to predict.

Let’s look at how LastPass protects your password accounts in more depth.

Master Password in LastPass


Setting up a new LastPass account requires a secure master password. The password is stored only in encoded form, never raw, so your master password is not directly exposed if the LastPass services are compromised.

You only need to memorize your master password and sign in to LastPass. LastPass’s integration with devices and browsers works seamlessly whenever you log in to any site, enabling you to autofill login details for sites.

One-Time Passwords (OTPs)

You could be stepping into a trap if you visit your online vault from a device that isn’t yours. You have no way of knowing if the device is equipped with a keylogger or other software capable of recording your inputs. LastPass’s one-time passcode option may be a viable answer: it lets you log in without having to provide your master password.

Once you’ve signed in to your account, you may create LastPass one-time passcodes. Each passcode expires after a certain amount of time has passed, and it can’t be used to log in to your account a second time. You may also print them or save them in various formats for later use or for an emergency.

System Updates

LastPass secures accounts by upgrading its systems regularly, following the best security standards. System upgrades can also help mitigate the risk of an outage or a single point of failure. As per estimates, LastPass has been evaluated by over 43,000 businesses, including Fortune 500 organizations and significant IT firms.

Encryption

Encryption and decryption work in tandem by confirming the encryption key. Only you will be allowed to access your LastPass passwords after the key has been confirmed, which means you’ve entered the right password. LastPass protects against malware attacks by using AES-256 encryption and PBKDF2 key derivation. These algorithms are safe, and breaking them would require guessing millions of credentials.
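The model described in this section and under "Can LastPass Be Trusted for Storing Passwords?" (a key derived locally from the master password, with only a one-way hash sent to the server) can be sketched as follows. This is an added example, not LastPass's code and not part of the original article; the salt choice, iteration counts, and function names are assumptions, and the AES-256 step that would use the derived key is omitted.

```python
import hashlib
import hmac
import os

CLIENT_ITERATIONS = 600_000  # assumed work factor; the article does not state one
SERVER_ITERATIONS = 100_000  # assumed server-side re-hash cost


def derive_vault_key(master_password: str, email: str) -> bytes:
    """Client side: 256-bit key (suitable for AES-256), derived locally and never sent."""
    salt = email.strip().lower().encode()  # assumption: the account email is the salt
    return hashlib.pbkdf2_hmac("sha256", master_password.encode(), salt,
                               CLIENT_ITERATIONS, dklen=32)


def derive_login_hash(vault_key: bytes, master_password: str) -> bytes:
    """Client side: one more one-way round yields the value sent to the server.
    The server can check it but cannot turn it back into the vault key."""
    return hashlib.pbkdf2_hmac("sha256", vault_key, master_password.encode(), 1, dklen=32)


def server_enroll(login_hash: bytes) -> tuple:
    """Server side: re-hash with a random salt so the stored value is not the login hash."""
    salt = os.urandom(16)
    stored = hashlib.pbkdf2_hmac("sha256", login_hash, salt, SERVER_ITERATIONS, dklen=32)
    return salt, stored


def server_verify(record: tuple, login_hash: bytes) -> bool:
    """Server side: recompute and compare in constant time."""
    salt, stored = record
    candidate = hashlib.pbkdf2_hmac("sha256", login_hash, salt, SERVER_ITERATIONS, dklen=32)
    return hmac.compare_digest(stored, candidate)


if __name__ == "__main__":
    # Constructed sample credentials, for illustration only.
    key = derive_vault_key("correct horse battery staple", "user@example.com")
    record = server_enroll(derive_login_hash(key, "correct horse battery staple"))
    bad_key = derive_vault_key("password123", "user@example.com")
    print("right password accepted:",
          server_verify(record, derive_login_hash(key, "correct horse battery staple")))
    print("wrong password accepted:",
          server_verify(record, derive_login_hash(bad_key, "password123")))
```

Because a leaked login hash can be checked against guesses offline, the iteration count and the strength of the master password decide how expensive each guess is.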

Two-Factor Authentication

You may use LastPass’s Two-Factor Authentication or a fingerprint ID for added security. This is another way to keep your account secure and authenticated at all times. If you have a robust security system in place, attackers will be kept from gaining access to your LastPass account. A code sent to your smartphone can also be used for multi-factor authentication.

Password Recovery

Recovering a password is not as simple as it may appear. LastPass cannot provide you with your master password because it does not know it. While this may make accessing your vault more complicated, the most significant benefit of keeping your password confidential is that it protects you from online scammers.

Check out the following steps if you’re having trouble accessing your account in LastPass:

  1. Use the password hint you created when you created your account. Although the hint is not the password itself, it can help you recall your strong password. While it is not required to create a hint, we strongly advise it because it may aid in the recovery of your LastPass account.
  2. Visit the LastPass website and go to the Account Recovery page. Your One-Time Password may be activated here. It may be easy to reclaim your account with that as well.
  3. Take into account that you can only retrieve your account with a one-time password on desktop computers.
  4. Use the LastPass website and the browser add-on to log in to your account. If you can log in with only one of them, the LastPass browser extension may be at fault. Clear your browser’s history and notify LastPass customer service if this happens.
  5. If none of the above suggestions work, you might have permanently lost access to your LastPass account. With this password manager, retrieving a password is a complex process.

Conclusion

LastPass is among the most popular password managers on the market right now and is one of the most trusted password managers that I know. One of its key draws is privacy. The product employs AES-256 encryption, which is the industry’s Holy Grail. It also has two-factor and multi-factor authentication options, ensuring that the app is as safe as you want it to be.

LastPass is a user-friendly, feature-rich, and safe password manager. LastPass’s essential components work well and are user-friendly, and both the online vault and browser extension make managing your passwords a breeze. In addition, the auto-save and auto-fill capabilities work well.

One-Time Passwords and the ability to limit the app’s use in various countries are among the capabilities included out of the box. In addition, Credit Reporting will notify you if your credit report changes unexpectedly. These and many other features will give you a sense of complete security.

LastPass Free is among my favorite free password organizers, and its pricier plans provide more capabilities than most rivals (and at a very affordable price). In addition, for 30 days, you may test all of LastPass’ personalized plans for free.

Even if you choose the free version, you will have access to more than sufficient tools for keeping your passwords safe. As outlined in this LastPass evaluation, if you upgrade, your options grow much further.


Dave Miller

IT Consultant at Online Cloud Security

Dave Miller is an IT Consultant for Online Cloud Security and has over 7 years of experience in the Information Technology space. He also specializes in repairing laptops & computers. In his spare time, he loves to talk about new technologies and hosts monthly IT and Cyber Security meetings in the Houston area.
