Using a password manager can be one of the most important steps you take in securing yourself online (and being “internet awesome”) but picking the right one for you isn’t always easy. To that end, we’ve pitted two of the most popular managers against one another in a battle to see which is better: LastPass vs. 1Password.
On the surface, there might not seem to be too many differences between the two applications. They both offer solid password protection in the form of encrypted data entries and can help you generate long, secure, unique passwords for your various sites and services. However, when you get into the nitty-gritty of their usability and feature sets, there are a few noteworthy differences.
For more tips on how to stay safe and private online, check out our guide to online privacy.
The most fundamental feature that every password manager needs to get right is, of course, protecting your passwords. Both LastPass and 1Password utilize a master password system to lock up all of your other login credentials in a strong, digital vault.
LastPass passwords are stored on its remote servers, but they are obfuscated using 256-bit AES encryption. Passwords are only encrypted and decrypted on the local machine, so there should be no way a man in the middle attack could compromise your login credentials. Although LastPass has been compromised at some points in the past, it’s been excellent at rebounding with improved features and tighter security.
To make sure that your master password (and others) are secure, LastPass employs a “Security Challenge” that looks at the complexity of your passwords, then lets you know whether they’re strong enough. If they’re not, you can use its built-in password generator to create replacements that are far harder for humans and machines to guess.
LastPass also offers multi-factor authentication using a number of potential options, including its own two-factor solution, and those provided by third parties like Google.
In comparison, 1Password stores its password data locally and only copies it to the cloud for syncing across multiple devices. Just like LastPass, it encrypts all data before it leaves your PC with 256-bit AES encryption, so even if someone were to gain access to it, they wouldn’t be able to read it.
Along with a master password, 1Password utilizes a “secret key” which never leaves your login devices, and is required for logins. That holds some advantages over multi-factor authentication, though it does mean that 1Password does not have the option of hardware or software based, third-party authentication systems. It does offer fingerprint logins, for those who like to use biometrics to authenticate themselves.
1Password also helps you generate new passwords based on your own preferences, using combinations of words, digits and symbols with a customizable length.
In case you ever lose your login credentials, 1Password offers an “emergency kit” PDF file which you can store digitally or print off. It contains every credential you need to gain access to your account, so it’s best to store it somewhere very safe, but it provides a real-world backup should you forget your master password or other related login information.
Protecting your passwords is well and good, but in a battle of LastPass vs 1Password, what are their expanded feature sets like?
Both services support a variety of platforms, including Windows, Mac, iOS and Android, though LastPass has a slight edge with the addition of watchOS and Linux support. LastPass also takes the lead in browser plugin support, with Microsoft Edge added to their shared support list of Chrome, Internet Explorer, Firefox and Safari.
LastPass and 1Password also both support the storage of secure documents up to a certain file size limit. Both services can store bank details, credit card credentials, and addresses.
When it comes to sharing passwords with friends and family, both services make it easy to accomplish. 1Password offers a unique, family URL for you to give different people access to your vault, while LastPass offers a specifically crafted sharing folder just for those family-friendly logins.
1Password’s Watchtower feature is one that often sets it apart from the competition. It keeps an eye on websites that have been hacked, and if you have an account on them, it will let you know you need to change your password. LastPass offers something similar, but it’s not quite as accessible as it’s only available within the “Security Challenge” tool.
LastPass’s solution, however, does warn you of reused passwords, as well as any you have stored which it considers weak, prompting you to use the best personal security practices.
In terms of applications, LastPass doesn’t have a Windows one, though its extension vault system acts much like one. It also has mobile applications for iOS and Android platforms. 1Password has the same mobile application availability, but also offers a downloadable password vault.
Ease of use
An intuitive, clean user interface is paramount for any application, password managers included. Although it is somewhat more subjective than the other categories in this comparison, it’s still an important consideration to make.
We found 1Password’s interface almost too clean, with large, white spaces in both its online and offline tools, which leave you clicking through successive menus to find what you’re looking for while you’re still learning how it works. Everything is laid out neatly, but it’s not immediately obvious where everything is.
Although its login system is detailed, requiring an account URL, email, master password and secret key to access your account, that system isn’t as easy to get to grips with as more standard logins. While security is understandably paramount with such software, we found the login a little confusing to start with.
LastPass, on the other hand, was a breeze. Its extension-focused platform, clear, color-coded menu system, and use of more common multi-factor authentication devices meant we felt immediately more at home using it than 1Password.
1Password offers a 30-day free trial for its services, but no permanent free solution. If you want long-term password storage and security with 1Password, you need to pay $3 a month for a personal account, paid annually. That gets you a single login for unlimited devices, with access to the apps and web-app, a gigabyte of secure document storage, and 365-day item recovery.
For a more expanded account, the 1Password family option is priced at $5 a month and gives you similar capabilities, but up to five different logins — additional ones can be had for $1 a month each. You get everything in the personal account, as well as password sharing, permission control, and an account recovery system.
LastPass, on the other hand, does have a permanent free account system which gives you password storage for one user, access to its online extension, multi-factor authentication, and its secure notes storage.
If you don’t mind paying, there is the $2 a month premium version, which adds password sharing, emergency access, priority with tech support and a gigabyte of encrypted file storage. Families can also take advantage of the cost-effective $4 a month tier, which provides access for up to six users with the same feature set.
LastPass is simply the more cost effective for both individuals and families and has comparable features for the money.
Overall winner: LastPass
Although they offer similar packages overall, the way LastPass and 1Password do things is different enough that we can pick one overall winner. For its comparable feature set, ease of use, and pricing, we have to give the nod to LastPass. We found it more intuitive to navigate and preferred its interface.
We’re also big fans of its support for multi-factor authentication. Although we can appreciate 1Password trying to do things differently with its secret key, we feel that multi-factor logins are a more secure way of protecting your digital data. If you just want to pick one and get started, LastPass is our firm recommendation.
- The best password managers for 2019
- A Facebook, Instagram bug exposed millions of passwords to its employees
- Online passwords: Research confirms millions of people are using 123456
- Hackers broke into Outlook.com using worker’s credentials, Microsoft says
- Hackers demanding bitcoin payments for code held hostage from GitHub and GitLab