It wasn’t long ago that Ito the reigning champion of , LastPass, recommending it not only for its extensive set of premium features but, more importantly, for its refusal to disappoint its veteran fanbase of free users, even when it faced extensive scrutiny over an ownership change.
A moment of silence, then, for our beloved fallen freeware: as of March 16,You will only be able to use the service on a single type of device, whether desktop or mobile, but not both. Good night, sweet prince.
The move tragically undermines a key security principle that has made the free version of LastPass so effective at core security: its seamless cross-platform integration. The use of a password manager to increase security, perhaps more than many other privacy products, revolves around a fulcrum of maximum user comfort. If it is not immediately and consistently visible throughout browsing, a password manager can be quickly forgotten, and its increasing number of passwords are more easily stored in a browser (a much less secure option).
With more types of Internet-connected devices in the hands of users, and with a digital divide contributing to a broader shift towards Internet access through the phone, Internet use is becoming more fluid. So a free password manager that can’t deftly pivot between a user’s devices just isn’t going to work for it.
In addition to losing cross-platform access on March 16, people using the free LastPass tier will also lose email customer service starting May 17. Password managers are possibly the most intimate service in our digital life. If used well, they hold the keys to our individual kingdoms. While its encryption generally prevents password managers’ parent companies from seeing their actual passwords, LastPass still offered a bunker prevention option to reset a free-tier user’s master password in an emergency.
Now imagine you’re a free tier user, stuck abroad trying to negotiate a login issue, and the company you trust with more access than anyone else won’t even reply to an email. Oh.
These factors combine to negate any competitive advantage your free tier service has gained with LastPass and brings you into closer combat with your peers. Meanwhile, 1Password has been steadily closing in on the crown, even as it only touts very fine fringe wins in key areas. We look forward to receiving new reviews from CNET about 1Password and several of its peers soon. In the meantime, though, this is where the two titans of password privacy compare.
1Password is moving closer to LastPass’s leadership in password management since LastPass announced its new free tier restrictions. With its hyper-flexible platform support, company policies that increase transparency, strong security features, and a silky-smooth interface, 1Password leaves us wondering if LastPass can keep its crown.
Sarah Tew / CNET
LastPass’s legacy is rapidly deteriorating after announcing that its precious free tier will be limited to use on a single device. LastPass has never been more at risk of being dethroned, as its security and compatibility advantages over 1Password boil down to very little marginal gains.
Profitability: 1Password for Singles, LastPass for Families
Both password managers are comparable at the single subscription base price, but 1Password gains a penny head start.
A single one-year subscription to 1Password costs $ 34.88 and comes with unlimited login storage, 1GB of document storage, and optional two-factor authentication through Yubikey for added security. LastPass offers the same for $ 35.
However, LastPass outperforms 1Password on family plans. The LastPass family plan costs $ 4 per month and allows up to six users, while the 1Password family plans start at $ 5 per month and allow only five users.
Both admins offer a trial period, but LastPass is better, offering you 30 days compared to seven for 1Password.
Platform compatibility: 1 password (for a nose)
Both administrators work on Windows, MacOS, Linux, Chrome OS, Android, iPhone, and iPad. Both offer ways to work with Chrome, Firefox, Safari, Edge, and Opera. On mobile, the two reach a draw. But on your laptop? 1Password has native apps that run with its browser extensions, while LastPass only relies on browser plugins. This gives you a slight edge in flexibility, but only in rare cases.
1Password also has a Chrome OS app that allows 1Password to live in your browser and offers keyboard shortcuts to quickly find your logins across all of your desktop options. And if you want to run a smaller version of 1Password, you can also use its mini-applications on Windows and MacOS.
Because administrators are focused on the browser, the compatibility factor also gives you an idea of its overall usability – how they look and feel to an average user. If you have a slow machine or are working with extremely limited processing power, LastPass browser extensions are your best option for a fast browsing experience.
However, comparing visual ease, LastPass organizes your password vault in a nested folder system, while the similar 1Password system also allows you to add tags to your logins. Can’t remember the name of the movie site you were using last week? Just search for “entertainment” on the 1Password tags to see the list of streaming sites you’ve logged into.
Security: both are secure, but 1Password is more transparent
LastPass outperforms 1Password in an important security advantage: password generation. While they both have random password generators, LastPass’ spits out stronger passwords faster than 1Password with a one-click process. You can’t customize the password generation parameters like you can in 1Passwords, but that’s arguably stronger as it reduces the human error factor by default. Even with less parameter customization, LastPass generator settings can still be more easily adjusted for sites that are picky about password selection. You can also enable LastPass to automatically update your passwords.
However, in general, 1Password has the advantage.
Both LastPass and 1Password encrypt your logins locally to normal AES-256 standards, which means your passwords are encrypted before they are sent over the internet, rather than relying on a cloud-based service to further encrypt them. afternoon. And LastPass offers more convenient, so you would think you would have an advantage there, but that’s not necessarily the case.
1Password also offers two-factor authentication, but its onboarding process gives it a superior security advantage over LastPass.
For LastPass, you only need one master password to create your vault and access it on all platforms. With 1Password, you use a master password to access your vault on all platforms, but during setup you will need that master password plus a security key. 1Password also increases privacy by offering a convenient QR code configuration option so you don’t risk exposing that key through handwriting. On Mac, you can use Touch ID to unlock 1Password, and on iOS devices you can also use Face ID.
1Password’s Watchtower feature adds another inch to its narrow competitive advantage. Watchtower regularly scans the dark web for any appearance of your unique credentials, and alerts you if it finds your information out of your pocket. LastPass offers a similar feature called Dark Web Monitoring. While we’re excited to get a closer comparison of the two features in the future, the difference for now seems to be that Watchtower allows you to select which sections of its vault you want to check. This ability to create bulkheads within the account could give you more control over the flow of data between your manager and your credentials.
While some may point out thatmakes it a less safe bet, I’d say it’s a shortsighted argument: there is always a strong correlation between the popularity of any security tool and the length of its bug history sheet. There are three most important factors to weigh: the damage incurred by the infringement, the company’s error prevention and elimination process, and the company’s transparency.
While LastPass has competently addressed these factors in its own way, LastPass returned to the limelight in February asattached to the LastPass Android app.
1Password wins for me on this, for now, because it seems to have gone further than LastPass in the depth and content of its third-party audits, and because the same organization was found to have no web crawlers.
None of the managers proudly enjoy the distinction of being open source, like BitWarden, which is quick to take over from– but 1Password seems to strive for maximum transparency. And that’s a move worthy of the crown.
We hope to see who ends up with that crown in our next reviews, but for now, the competition between 1Password and LastPass is too close to end, and that should concern LastPass regardless of the outcome.