Passwords are terrible. They're either too easy to guess or impossible to remember, and using the same one everywhere is practically inviting hackers to take down all of your accounts at once. Which is why password managers are a good idea.
Password managers generate secure passwords for you, store them securely, and fill out login forms for you. When it comes to the best password managers, there are two clear leaders: LastPass and 1Password. LastPass is widely known for its free option, while 1Password stands out because of its polished design.
How do they stack up? Here's a comprehensive look.
Common features and what we looked for
1Password and LastPass both generate secure passwords and store them for you, keeping them in a vault you can access across all your devices. Both use one master password to secure your vault, meaning you only need to remember one password to access all of your accounts.
Because you use these services in connection with all your other apps, subtle differences in how they work can have a big impact, namely for ease of use. How easy is it to share logins with other people? How about changing your passwords? Or toggling between multiple accounts?
Here are the features we're highlighting in our showdown. Jump to the one that matters most to you, or skip ahead to the end for a complete feature comparison.
Apps and platform compatibility
LastPass and 1Password both have robust app support across many platforms.
A password manager isn't very useful if you can't use it everywhere. If you're going to have passwords that are difficult to remember and type in, you're going to need the software to help you enter your passwords no matter what site you're on.
LastPass has slightly more robust support for obscure browsers and operating systems, but unless you're using Windows Phone, it's unlikely that's going to be a deciding factor.
Yes (command line)
Dolphin browser for Android Windows Phone Windows RT
Because these apps are supported by so many different platforms, there are inevitably differences in how they work on each platform. We've tested on various platforms and will differentiate as much as possible while describing the features.
LastPass and 1Password operate almost identically on mobile platforms, since Android and iOS both support password management and autofill. Both services also have browser extensions for Chrome, Firefox, Safari, Opera, and Edge that work similarly.
On the desktop, however, there's a bigger difference. 1Password offers native desktop apps for Windows and Mac users; LastPass more-or-less relies on browser plugins.
1Password has local apps for Windows and Mac that you can use offline to access your passwords or any other information you have stored in your vault. These apps also offer a universal keyboard shortcut for quickly searching your passwords, something LastPass no longer offers on the desktop. 1Password for Chrome OS is a browser-based app, which is common for apps on the platform, and there's a command-line tool for Linux.
Notably, 1Password requires the desktop app to be installed in order to use the main browser extensions. However, the company offers an alternative extension, called 1Password X, which works independently of the desktop app. Currently, 1Password X only works on Chrome, Firefox, and Opera—so far, there's no Safari version. 1Password X is not quite as full-featured as the regular app/browser combo—for example, its password generator isn't as robust. For clarity's sake, we'll be focusing on the regular version of 1Password for the bulk of this comparison, but if you're on Linux or don't want to download a full app, this option might be for you.
LastPass, on the other hand, doesn't really focus on desktop apps. The company offers a "universal installer" for both Mac and Windows that will download browser extensions for every browser, or you can download them all individually. There are also desktop apps for LastPass in the Windows and Mac app stores, but both are more-or-less just the web version of LastPass running in a dedicated window. LastPass's own documentation recommends that you use a combination of browser extensions and mobile apps.
Overall, the differences between the services exist only on the edge cases. Both apps support most major browsers and operating systems. However, if you want to use a local desktop app for offline use, you may want to consider 1Password. If you use a more obscure platform like Dolphin Browser for Android or Linux, then LastPass might have more for you.
Setting up your vault
LastPass and 1Password are both easy to set up, especially if you already use saved passwords.
Both services require you to create an account to begin. Like any other web service, you enter and verify your email address, select which plan you want to use, and create a password. Since this password will protect all of your other passwords, you'll want to make sure it's strong and that you never use it anywhere else. So take some time to create a long, hard-to-guess password.
Since long passwords can be hard to remember, we suggest using a passphrase, a collection of seemingly unrelated words that are easy to remember. Something like
zapiertoldmetousethispassword. But…don't actually use that.
The main difference in the setup is that 1Password also gives you a secret key, which you'll need to access your vault on other devices. LastPass requires just your master password, while you can't get into your 1Password vault without your master password and secret key. This gives 1Password a slight edge in making unauthorized access to your vault more difficult, without much extra inconvenience—there's even a QR code you can scan to avoid typing your username and secret key out manually.
So, now that you have an account, how do you get your password vault up and running? It depends where you're coming from. If you've been using another password manager or saved passwords in your browser, you can import them into LastPass or 1Password.
Both work similarly: You export a .csv or .xml file from your old password manager, then import that file into your new one. You can do this on the web from 1Password's dashboard by clicking [Your name] > Import. LastPass doesn't seem to have an import option through the web app, but you can use the browser extension. Click the icon in your browser bar, then select Account options > Advanced > Import.
If you don't have saved passwords, then you need to build your vault, which refers to all the logins you have stored in your account (1Password also refers to smaller, more specific groups as vaults, while LastPass calls them folders). Both make this pretty easy to do. Install the extension in your browser, and then log in to any given website like you normally would. Once you've logged in, there will be a pop-up on the screen, asking if you want to add the login to your collection. Go about your web browsing like normal, saving your sites as you log in, and you'll have your vault built up in no time. It works similarly on mobile. When you log in to a recognized app or webpage, it'll save the login information to your vault.
Both apps also let you add passwords to your vault manually. In the 1Password browser extension, click the settings icon and select Save new login. In LastPass, click the extension button in your toolbar and select Add item, then Password (or whatever kind of information you want to add), which opens a screen where you can enter the web address, username, and password. LastPass will automatically fill in the URL for the site you're on, while 1Password will also offer to update existing logins for the site you're on, if you already have one in your vault.
Given how well both apps tend to capture passwords when you first log in, though, you're unlikely to need to use this feature often. On the whole, both make it easy to add your existing passwords to your vaults, whether it's all at once or over time.
Logging in to your accounts
LastPass is more streamlined, while 1Password manages multiple account logins more easily.
If LastPass recognizes a login page, it fills the username and password fields in by default, letting you just click the sign in button and be on your way. If it doesn't recognize the site or you want to use a different account, you can click the LastPass logo in the login box which will open a list of your accounts connected to that site. Click the account you want to log in with and LastPass will autofill that username and password.
1Password is a little different. You can click on the 1Password extension icon to see a list of your available accounts related to the site you're on. Pick one of them and 1Password will automatically fill in your username and password. Alternatively, you can click on the username or password fields, and press
Command + \ (
Ctrl + \ on Windows). This will automatically enter whatever credentials 1Password thinks are most likely to be the right one. If you'd rather pick from a list of accounts, you can press
Command + Option + \ (
Ctrl + Alt + \ on Windows) to pull up a dialog box that will let you choose which account you want to log in with. Alternatively, you can right-click, select 1Password, and then select your account.
LastPass wins on speed. Having your password automatically filled in as soon as the page loads is just faster and easier (albeit arguably less secure). 1Password is easier to use on websites where you have multiple accounts—you can trigger the keyboard shortcut and browse multiple options without ever touching your mouse—so it may be preferable if you have many different accounts on most of the websites you use.
Creating new passwords
LastPass and 1Password both have robust password generators, with a slight edge to LastPass.
The best passwords are long, random ones you can't remember. Of course, humans aren't good at creating actual randomness, which is why LastPass and 1Password have password generators to take care of that for you.
With LastPass, whenever you're creating a new account, you'll see an icon in the password field that you can click to create a random password. If you select Generate and fill, it will generate a password and enter it into the password and confirm password fields. Once you create your account, it'll update your vault. This doesn't even give you a chance to see the password, so it's secret even from you.
You can choose More options to change the parameters, like the length of the password, whether or not it includes numbers or special characters, and even an option to make the password easy to read or easy to say out loud. These last options are especially helpful for passwords you might still need to interact with, like your Wi-Fi or Netflix password.
1Password works a little differently. To generate a password, click the 1Password extension icon in your browser's toolbar, then click the button labeled Generate password. You can customize the parameters to make a long nonsense password, a passphrase made up of random unrelated words, or a PIN. You can tweak things like whether it uses numbers or symbols or which symbol is used to separate words in a passphrase. Once you have a password you like, you can copy and paste it into the password field.
This method takes a few more steps than LastPass, but if you're using the more experimental 1Password X, you'll see a box appear below the password field without having to click anything at all. You can just click to accept the suggested password and be on your way.
LastPass is generally easier to use than 1Password's standard browser extensions, but if you use 1Password X, then they're on equal footing. If a site has special requirements for passwords, the generator in LastPass is slightly more convenient to tweak, though 1Password's generator opens in a separate window which can be handy.
Changing your passwords
LastPass has a strong edge with the experimental Auto Change Password feature.
It's best practice to change your passwords every once in a while. And even if you ignore those best practices, you'll eventually get locked out of an account or a website you have an account on will get hacked. Regardless, when it comes time to change your password, LastPass and 1Password will both attempt to pick up the new password and update your vault. LastPass gives you a brief pop-up telling you that it's changed the password in the vault, while 1Password will ask if you want to use the new password. LastPass's approach is more proactive, but 1Password gives you more flexibility.
More importantly, both services have ways of letting you know if your password is out of date or needs to be changed. LastPass has a feature called the Security Challenge that will scan your database for duplicate, weak, or old passwords, as well as comparing your passwords against a database of known security breaches. All of this adds up to an overall security score that will tell you just how safe your online life is.
The feature will also tell you in what percentile of LastPass users your security practices rank. When it comes to security, it's often less important to be perfectly impenetrable than it is to be more secure than someone else. This standing score can help give you some perspective on how good or bad your practices are.
1Password's Watchtower offers similar features, but a bit more directly. In the sidebar of the desktop app, you'll see several categories like Compromised Logins, Vulnerable, Reused, and Weak Passwords, as well as Unsecured Websites. This helps you actively keep track of security risks. 1Password doesn't offer any kind of scoring system, but it does make it easier to keep an eye on when you need to change your passwords.
All that said, LastPass has one ace up its sleeve: Auto-Change Password. This experimental feature allows you to click one button to automatically change your password on up to 75 websites including Facebook, Twitter, Amazon, and more. In your vault, some entries will say Auto Change Password under the password field. Clicking that opens a new tab, navigates to the password change page, generates and submits a new password, and updates the vault for you.
The process can take a minute or two—and you might need to manually enter a two-factor authentication code if you have that enabled—but otherwise you don't have to do anything. Even if the feature is only supported on a relatively small number of websites, it's incredibly useful.
Sharing logins with others
LastPass has more features on the low end and includes sharing outside of teams.
When it comes to sharing login information with others, LastPass has a clear advantage on the cheaper plans. Even a free personal LastPass account can share logins with others. In the Sharing Center section of the web app, you can enter a colleague's email address and choose which items to share with them. You can even hide the password, letting them log in without letting them see the password in their vault. Since 1Password doesn't even offer a free tier, this is a strong advantage.
At the high end, the two are much more similar. Both 1Password and LastPass accounts at the family, team, and enterprise levels let you create "vaults" or "folders" containing multiple logins to share with your team. That allows you to share sets of passwords with specific groups, e.g., your Marketing team. Each service has a dashboard to manage who has access to what: the admin can give permissions to view and change all passwords, or restrict what can be done with them on a user-by-user basis.
The big difference between the two apps is how they think about sharing: 1Password works exclusively in vaults, while LastPass lets you share both folders and individual logins. Sharing of individual logins is available on all LastPass plans, while 1Password has no similar feature. Both allow sharing with guests outside of your team/organization, but to share just a single login with 1Password, you'd have to create a vault with nothing more than that single login, which can be an administrative headache if you have to share different sets of logins with a lot of different people.
If you're just managing your team's or family's passwords, there isn't a killer feature to distinguish the two. If you have to deal with freelancers or anyone else that's not a permanent member of your team, then LastPass offers a lot more flexibility.
Data storage and protection
LastPass and 1Password both store data on their servers, but 1Password has an older, offline-only option.
Even though you store your data on LastPass or 1Password servers, they can't access your vault or any of your logins. All the data is encrypted, which means it's an incomprehensible blob of data if you don't have the encryption keys. Those keys are generated on your device using your master password (and secret key for 1Password), and those are never sent anywhere, even to LastPass or 1Password. This secures your vault against data breaches or social engineering attacks, but also makes account recovery more difficult.
If you're understandably wary of storing data on servers you don't control at all, then 1Password has an alternative. Older versions of the app allow you to store your password vault locally. You can even sync your data through services like Dropbox, so you control the space where your vault is stored. However, 1Password no longer updates or maintains the older versions of the app that you'd need to use this method. Generally speaking, it's not a good idea to use old, unsupported software for security, so we wouldn't recommend this method unless you have a very specific need for it.
Recovering your account
LastPass gives you more convenient options, while 1Password puts more control in your hands.
It is very, very important that you don't lose the login information for these apps, because you may be locked out completely. Neither LastPass nor 1Password can access your vault, which is good—that's why your passwords are secure. But this also means that, if you forget your master password, it can be an enormous hassle.
Having said that, both services have ways to handle this. In general, 1Password leans more toward the preventive style of handling disasters—which means the app is expecting you to be responsible. When you sign up, you'll get an Emergency Kit, which has your secret key, email address, and space for you to fill in your master password. They recommend printing and keeping a copy somewhere like a safety deposit box, though an encrypted copy kept offline—like on a USB stick you keep locked away—can also work.
If you're on a shared plan, someone on your team/business/family plan may be able to help you restore your account in the event you lose your Emergency Kit, or you can export your vault from a device that hasn't logged out. This page provides a list of options you can try if you get locked out of your vault. However, they all involve working around the access you already have. There's no method for the company to help you regain access to your vault if you lose your password.
LastPass, on the other hand, provides more convenient recovery methods, which are arguably less secure. You can set up recovery through SMS codes or one-time passwords sent via email. The SMS codes are sent to your phone number and activate a locally-stored one-time password to unlock your vault, after which you will create a new master password. You can also get a one-time password sent to your email account, though these are specific to each combination of computer and web browser, so using one can be a little complicated.
This process can pose a mild security risk, since an attacker who has access to your phone or email could theoretically use the same process to get access to your vault. But SMS recovery codes are off by default, and emailed recovery passwords should be a little difficult to use since they have to correspond to the exact computer and browser. In other words, an attacker would have to also be using your computer for the recovery passwords to be useful. This page has more information about all of your recovery options.
Advanced security features
LastPass and 1Password both offer compelling security features.
There are a few extra features that aren't the main selling points, but may be useful for deciding which password manager you choose for your business.
1Password and LastPass both offer two-factor authentication to protect your vault. Both work with many common authentication apps and hardware keys, with LastPass supporting slightly more. Unless you're using something obscure for security, it's unlikely this would be a deciding factor.
LastPass has an Emergency Access feature in personal and family plans, allowing someone to access your vault if something happens to you (such as illness, death, or disappearance). A trusted person can request access to your account at any time. If you don't refuse the request within a set amount of time, they get access to your vault, which you can revoke at any time.
1Password lets you set some vaults as safe for travel and others as not. When you turn on travel mode, the sites that are listed as not safe for travel are removed from your device. This is useful especially at border crossings where you may have to hand your phone or computer to the authorities, and also helps any time you're traveling with data that would be dangerous if lost or stolen.
Restrict access to particular countries
By default, LastPass only lets you access your account from the country you created it in. When traveling, you have to proactively allow it to let you access your vault from whatever country you're going to. This prevents malicious actors coming from another country from getting access to your vault.
LastPass wins on price
Free basic; $3/month premium (billed annually)
$2.99/month (billed annually); $3.99/month (billed monthly)
Single user, access to all apps
$4/month, up to 6 users (billed annually)
$4.99/month (billed annually); $6.99/month (billed monthly); Up to 5 users
Multiple users, unlimited sharing between them, management dashboard
$4/user/month (billed annually), 5-50 users
$3.99/user/month (billed annually)
The above, plus admin dashboard and user management
"Enterprise" plan starts at $6/user/month (billed annually)
$7.99/user/month (billed annually)
The above, plus dedicated customer support, advanced reporting, and advanced security policies
Custom pricing for specific needs, $4/user/month otherwise
Can be customized to specific business needs
LastPass is the cheaper option for almost every plan you're looking at. It has a free individual plan (which 1Password lacks), and most comparable plans are cheaper with LastPass, except the Teams plan which has identical pricing as 1Password. The difference per user is even more pronounced in business plans, so if cost is one of your main concerns, LastPass has a very strong advantage.
If you're an individual trying to keep your passwords more secure, you can use LastPass's free account and have most of the features you'll need. There's no free version of 1Password—there is a 30-day free trial, but anything past that will cost you. The company has an option to manage vault storage yourself without a paying membership, but it's not actively supported anymore.
For personal plans, the differences are quite small: $3/month for one user with LastPass, identical to the $3/month for the same from 1Password. Family plans are similar: LastPass is $4/month for six users, while 1Password is $5/month for five users. Over the course of a year, the difference between each company is only $12, which is close to negligible depending on which features you need.
Team and enterprise plans have more complicated cost differences. LastPass has a teams plan that costs $4/user/month, and an enterprise plan that starts at $6/user/month. 1Password similarly has a teams plan for $3.99/user/month, a business plan for $7.99/user/month, and an enterprise tier with a custom rate. At the team level, 1Password and LastPass are essentially on equal footing, though LastPass has a limit of 50 users at this level. Anything more than that and you'll need to upgrade. At the business level, LastPass has a pricing edge, with a savings of around $2/user/month. If you have 50 users, LastPass is about $100/month cheaper, or $1,200 a year. Those savings add up. On the other hand, since 1Password doesn't have a user limit on Teams, you might not need to upgrade to Business at all, which could save you even more.
LastPass vs. 1Password: Which App Should You Use?
Both LastPass and 1Password are solid password managers, covering the majority of use cases you're likely to run into.
LastPass is the cheaper option and it's the only one that offers a free version. For the extra money, 1Password offers local apps, a more polished UI, and a somewhat firmer security stance. If you'd rather store your vault locally or if you prefer the secret key approach that adds one extra step to getting into your account, then 1Password is probably for you. If not, then LastPass offers more features for less money.
Finally, here's a side-by-side comparison of the two:
App and platform compatibility
Windows, Mac, iOS, Android, Chrome, Firefox, Safari, Opera, Microsoft Edge, command line, Debian, Ubuntu, Windows RT, Dolphin Browser
Windows, Mac, iOS, Android, Chrome, Firefox, Safari, Opera, Microsoft Edge, command line
Setting up your vault
Import feature from browsers and other password managers; accounts added as you log in
Same as LastPass
Logging in to your accounts
Login information filled in on page load; select account from a list
Login information filled in when you click browser extension
Creating new passwords
Password generator accessible when creating passwords
Passwords generated using browser extension
Changing your passwords
Use password generator when on change password screen; experimental "Auto Change Password" automation feature
Use password generator when on change password screen
Sharing logins with others
All plans can share with individual users outside your team; family, team, and enterprise have robust shared folder features
Family, team, business, and enterprise plans have robust shared folder features
Data storage and protection
Encrypted vault stored on LastPass servers
Encrypted vault stored on 1Password servers; option to store vault offline (not actively supported)
Recovering your account
Password hint, SMS codes (can be disabled), one-time passwords (tied to machine and browser)
Password hint, Emergency Kit
Advanced security features
Two-factor authentication, security check, emergency access, restrict to countries
Two-factor authentication, Watchtower, travel mode
Free basic individual plan, $3/month premium individual, $4/month family (up to 6 members), $4/user/month teams, $6/user/month enterprise
$2.99/month individual, $4.99/month family (up to 5 members), $3.99/user/month teams plan, $7.99/user/month business plan, Custom quote for enterprise plan (all prices billed annually)
This article was originally published in February 2019 and was updated most recently by Justin Pot.