You Need a Password Manager — Just Don’t Use LastPass
Popular password manager LastPass dropped an unwelcome surprise this week. In March, the company will restrict access to its services for users on its free tier, forcing them to either pay a regular subscription fee or limit password management features to mobile or desktop. Free users will no longer be able to use both without paying, and they will also lose access to customer support via email.
This is a hostile move that should make anyone using the software consider moving elsewhere before coughing up. What else will the company change to juice its subscription numbers?
Of course, password managers are worth paying for. They hold the keys to your digital life and help keep your information secure. Paying for software means investing in its continued development and support, which provides stability and should help avoid unexpected changes like the one affecting free users of LastPass right now.
The issue, then, isn’t so much that LastPass wants people to pay for its service — it’s that LastPass is demonstrating a willingness to mess around with your access to your most sensitive information in order to try upselling users who are already locked in. The company created a product that people have come to rely on and then suddenly changed the terms of its use. It’s not a good look for a company that helps you access your bank account, Facebook login, Gmail, and so on.
No, Really — It’s Time to Get a Password Manager
Keep virtual villains at bay with these easy tips
If you’re in the market for a new password manager, the good news is that there are many good choices.
For the past seven years, I’ve been a big fan of 1Password. The company’s software is available on practically every device, from Windows and macOS to iOS and Android, as well as a next-generation browser-based version for Chromebooks and other devices that will feel familiar to LastPass users.
The reason I endorse 1Password is that the company has shown genuine care about its users over the years and is incredibly aggressive with updating its apps for new features on devices soon after their release, like Touch ID unlocking, Windows Hello, and biometrics on mobile devices.
1Password syncs using a cloud service, so it’s seamless to use, regardless of where you’re logging in. It starts at $2.99 per month for one user or $4.99 per month for a family of five, which makes it easy to get your partner or parents on board as well. Migrating from LastPass is as easy as exporting your data and importing it into 1Password.
Another great tool recommended by OneZero editor-in-chief Damon Beres is Dashlane, which works on all your devices and syncs using its own cloud service. On top of all the standard features, Dashlane throws in a free VPN service and even offers a tool for automatically changing passwords on supported sites.
Dashlane offers a free tier for up to 50 passwords, then costs $6.49 per month for one user or $8.99 for a family of five, and the company has a simple tool for migrating from LastPass.
If you want to control your password vault rather than trust it to a cloud service, Bitwarden is frequently recommended online because it allows you to keep your vault on your own server, rather than pay for the company’s cloud service.
Doing so is not for the faint of heart, as it requires keeping a server online and secured, but adventurous or privacy-minded folks swear by the control Bitwarden provides while still delivering access to top-quality apps on desktop and mobile. There is also a paid tier, starting at $10 per year, where Bitwarden hosts your vault for you.
The major concern with this recent move by LastPass is that many customers won’t want to pay for a password manager, sending them back to old, insecure methods — reusing passwords, using weak passwords, keeping information saved in obvious places, etc. This would be a security disaster.
If you’re feeling on edge about paying for a password manager, there are a number of great free options that you should consider.
Mozilla makes a fantastic free password manager called Firefox Lockwise, which is probably enough for most people. It does require that you use the Firefox browser to get the most out of it, though. There are also decent password managers built into operating systems these days, like Apple’s iCloud Keychain (which only works on Mac and iOS devices) and Microsoft’s Authenticator (which works on all devices).
If you aren’t already using a password manager, now is the right time to start: Using a unique, secure password for each service makes you much safer online, and it’s far easier than trying to memorize which email and password combination you used for each individual website. By using unique passwords, when a service you use is inevitably hacked, you won’t need to change it everywhere. You’ll just have to update that one affected site, rather than your whole digital life.
There’s nothing wrong with starting with a free password manager. It’s certainly better than the alternative. But as LastPass has shown us this week, free software can change at any moment. If you want stability and to forget about passwords forever, paying for that peace of mind is cheaper than a nice coffee.