While there are other options, such as Google SmartLock and Apple’s iCloud Keychain, LastPass is more feature-rich allows for storage of items other than passwords (more on this in future posts), and you can take it wherever you go syncing its contents securely across all your devices – unlike the Apple and Google options. For example, if you have your passwords stored on Google’s system, and decide to switch to using Firefox on a Windows PC – you’re out of luck. LastPass, however, has secure apps for all common operating systems (Windows, Mac, Linux, Android and iOS,) and browser plugins for Chrome, Firefox, Microsoft Edge and Opera.
Using their system, you can have the convenience of syncing your passwords and other stored data across any or all of your devices, whatever operating system they’re using.
Your passwords (and any other stored data) are encrypted on your device with an encryption key that is unique to you and your master password, before being transmitted to LastPass’ servers; this is known as a “zero knowledge” security model. The difference between this and a standard secure connection you might see on websites is that LastPass does not have access to your encryption key – meaning that they have no access to the contents of your vault; they have “zero knowledge” of the contents of your encrypted data.
Similar to Mega, a cloud storage service we covered a few months previously, LastPass’ servers store only encrypted data, and not the keys required to decrypt it – which means that even if their systems did suffer a security breach, any stolen data would be encrypted and indecipherable without access to your decryption key – which is stored only on your device and is locked behind your master password and two-factor authentication or biometrics if you have them enabled.
LastPass make a point of being open with their users and community, as well as security researchers, and they offer rewards for any users who discover security flaws, vulnerabilities or bugs in their software. As a result, their software is some of the best and most secure available.
