Not so long ago that I raised an editorial gift for the reigning champion of password managers, LastPass, recommending it not only for its broad set of premium features, but – more importantly – for its refusal to disappoint its veteran fan base of free users, even when it faced a scrutiny about a change of ownership.
A moment of silence, then, for our beloved fallen freeware: As of March 16, LastPass free level users you can only use the service on just one type of device – desktop or mobile, but not both. Good night sweet prince.
Read More: Best password manager to use in 2021
The change tragically undermines a key security principle that made the free version of LastPass so effective in central security – its seamless multiplatform integration. Using a password manager to increase security, perhaps more than many other privacy products, revolves around the support point of maximum user convenience. If it is not immediately and consistently visible throughout browsing, a password manager can be quickly forgotten and its increasing number of passwords becomes more easily stored in the browser itself (a much less secure option).
With more types of devices connected to the Internet in the hands of users – and with a digital divide contributing to a broader shift towards Internet access via telephone – Internet use is becoming more fluid. Therefore, a free password manager that cannot move skillfully between a user’s devices will not work.
In addition to losing multiplatform access on March 16, people using the LastPass free tier will also lose customer support by email from May 17. Password managers are arguably the most intimate service in our digital lives. Well used, they hold the keys to our individual kingdoms. While its encryption typically prevents companies controlling password managers from seeing their real passwords, LastPass still offers an anti-bunker option to reset a free user’s master password in an emergency.
Now imagine being a free tier user, caught overseas trying to negotiate a login issue, and the company you trust with more access than any other will not even respond to an email. There.
These factors combine to nullify any competitive advantage that your free tier service gained in LastPass and brings you closer to combat with your peers. Meanwhile, 1Password has been steadily approaching the crown, even announcing only thin marginal victories in key areas. We look forward to receiving recent CNET reviews of 1Password and several of its peers soon. In the meantime, however, this is where the two password privacy titans are in comparison.
1 password
1Password has been approaching LastPass leadership in password management since LastPass announced its new free level restrictions. With its hyperflexible platform compatibility, corporate policies that increase transparency, robust security features and silky smooth interface – 1Password leaves us wondering if LastPass can keep its crown.
Sarah Tew / CNET
LastPass’ legacy is souring quickly after announcing that its award-winning free tier will be limited to use on just one device. LastPass has never been more at risk of being dethroned, as its security and compatibility advantages over 1Password are reduced to minimal marginal wins.
Value for money: 1Password for singles, LastPass for families
Both password managers are comparable in the basic price of a single subscription, but 1Password gets an advantage for just a few cents.
A single one-year subscription to 1Password costs $ 34.88 and comes with unlimited login storage, 1 GB of document storage and optional two-factor authentication via Yubikey for added security. LastPass offers the same for $ 35.
However, LastPass outperforms 1Password in family plans. The LastPass family plan costs $ 4 per month and allows up to six users, while 1Password family plans start at $ 5 per month and allow only five users.
Both managers offer a trial period, but LastPass is better, offering 30 days compared to seven in 1Password.
See this:
Keep your data safe with a password manager
1:13
Platform compatibility: 1Password (for a nose)
Both managers work on Windows, MacOS, Linux, Chrome OS, Android, iPhone and iPad. Both offer ways to work with Chrome, Firefox, Safari, Edge and Opera. On the cell phone, the two are tied. But on your laptop? 1Password has native apps that run with its browser extensions, while LastPass depends only on browser plug-ins. This offers a small advantage in flexibility, but only in atypical cases.
1Password also has a Chrome OS application that allows 1Password to live in your browser and offers keyboard shortcuts to quickly search your logins across all desktop options. And if you want to run a leaner version of 1Password, you can also use its mini-apps on Windows and MacOS.
Since managers are focused on the browser, the compatibility factor also gives an idea of their overall usability – how they look and feel to an average user. If you have a slow machine or are working with extremely limited processing power, LastPass browser extensions are your best option for a fast browsing experience.
Comparing for visual ease, however, LastPass organizes your password vault in a system of nested folders, while the similar system of 1Password also allows you to add tags to your logins. Can’t you remember the name of the movie site you were using last week? Simply search for “entertainment” in the 1Password tags to see the list of streaming sites you have connected to.
1Password, like LastPass, works on Windows, MacOS, Linux, Chrome OS, Android, iPhone and iPad.
1 password
Security: Both are secure, but 1Password is more transparent
LastPass beats 1Password in an important security advantage – password generation. Although both have random password generators, LastPass issues stronger passwords faster than 1Password with a one-click process. You cannot customize the password generation parameters as you can in 1Passwords, but this is arguably stronger, as it reduces the human error factor by default. Even with less parameter customization, the LastPass generator settings can still be more easily adjusted for sites that are demanding on password selection. You can also enable LastPass to automatically update your passwords.
Overall, however, 1Password has an advantage.
Both LastPass and 1Password encrypt your logins locally to normal AES-256 standards – meaning that your passwords are encrypted before they are sent over the internet – rather than relying on a cloud-based service to shuffle them later. And LastPass offers more convenient two-factor authentication, then you would think you would have an advantage, but that is not necessarily the case.
1Password also offers two-factor authentication, but its integration process offers a superior security advantage over LastPass.
LastPass and 1Password encrypt your logins locally before they are sent over the Internet.
Last pass
For LastPass, you only need a master password to create your vault and access it on all platforms. With 1Password, you use a master password to access your vault on platforms, but during setup, you will need that master password plus a security key. 1Password also increases privacy, offering a convenient QR code configuration option so you don’t risk exposing that key via manual typing. On Macs, you can use Touch ID to unlock 1Password and on iOS devices you can also use Face ID.
1The password Watchtower feature adds a few more inches to your narrow competitive advantage. Watchtower regularly scans the dark web for any appearance of your unique credentials, alerting you if you find your information out of pocket. LastPass offers a similar feature called Dark Web Monitoring. While we are excited to get a closer comparison of the two features in the future, for the time being the difference seems to be that Watchtower allows you to select which sections of your safe you want to check. This ability to create bulkheads within the account can provide more control over the flow of data between your manager and your credentials.
Although some may point out that LastPass bug and breach history makes it a less certain bet, I would say it is a short-sighted argument: there is always a strong correlation between the popularity of any security tool and the extent of its criminal record. There are three most important factors to weigh: the damage suffered by the breach, the process of eliminating insects and preventing the company and the transparency of the company.
Although LastPass competently addressed these factors in its own way, LastPass returned to the spotlight in February as researchers discovered seven web crawlers attached to the LastPass Android app.
1Password wins for me in this – for now – because it seems to have gone beyond LastPass in the depth and substance of its third party audits, and because it was discovered that it had no web crawlers by the same organization.
No manager likes the distinction of being proudly open source – like BitWarden, which is running to grab the best free password manager – but 1Password seems to be striving for maximum transparency. And this is a movement worthy of the crown.
We look forward to seeing who will end up with that crown in our next analysis, but for now the competition between 1Password and LastPass is too close – and that should worry LastPass regardless of the outcome.