LastPass Reviews

Our primary use case is for enterprise password management.

• It increased security around password management for teams and collaborative efforts with external vendors. 
• A reduction in the number of sensitive passwords stored insecurely on our local systems.

For our company:

• Enterprise admin console
• Reporting
• Integration with Active Directory

• It needs more flexibility/functionality around making enterprise changes. 
• It needs more granular admin capabilities for a global distributed company. 
• The ability to set up an account expiration limit/date would be very useful.

We have had some issues, such as our 'security score bug' and various minor issues. Our biggest issue over the years was around the stability of the LDAP sync to AD. This now seems to have been largely resolved.

There are some challenges around global administration.

Technical support is generally pretty good, but they are not easy get on the phone with quickly.

We did not previously have an enterprise solution. Various groups used ad hoc systems.

The initial setup was fairly straightforward.

You do not have to purchase licenses for your entire organization. You can scale as adoption grows.

We did not evaluate other solutions.

You should make sure you know what you are doing before you sync with AD, or you could have a mess on your hands to clean up.

Primary usage is password management and sharing of credentials.

• Sharing passwords
• Deactivating users
• Controlling company logins
• Import existing credentials from different file formats.

Off-boarding of people is easy without changing shared account passwords.

Sharing Passwords with new employees for quick onboardings.

There is no group inheritance.
The management through the plugin is poor. It consumes tons of client resources especially as an administrator.
The plugin crashes from time to time.
URL recognition is difficult especially when adding new credentials, LastPass saves the Account creation url. Also when resetting a password, Lastpass recognizes the password change, great, but it also adds the password reset URL to the site. So when using the plugin and navigating to the saved url, you always end up in the password reset URL of the respective service.
As well you need to double check the settings. You have 3 options (hide passwords, read only, administrator) but when sharing a folder with a group or user, the check boxes randomly change, so you need to open the share settings again to check the checkboxes.
All passwords can be read if you are familiar with input fields and their manipulation. This is something LastPass might not be responsible but there must be an implementation if the input field is not "Password" that it does not fill in then password.
Further more there are several websites with Javascript features in the password field like "show pass" or other fancy features which overlay the Lastpass plugin and deny the Lastpuss button in the input field to be used.
The search is poor, got better with the recent update for chrome browsers.
credentials are not sorted by letter.
You cant share single credentials out of a folder to individuals. So either you extract the single entry into a new folder and share it with former group and single person or you share the whole folder to the user. This makes it a bit messy and having in mind that the plugin is really really slow you rather want to have fixed folders with fixed groups on the folder and add indivduals in the enterprise panel --> groups section. With the limitations mentioned you end up with almost same amount of groups as users in your account.

We have been using this service for two and a half years now.

Updates for browsers are not as regular as security issues arise.

We have had stability issues several times.

The more credentials you have the slower this app is.

Support answers quickly when enterprise customers call/write. Solutions are sometimes poor and un-reproducible. For example, they ask if you can logoff, login, or restart your computer which have no effect on the error reported. As well there are problems with shared credentials not available to allowed shared users and also available to not allowed users. After filing a ticket, magically it is solved without any feedback from support why this happened. This makes it really dangerous if you trust this software and by accident recognize on a client machine that the user has access to credentials which shouldnt be in the vault of the user.

We used keepass before.

Why we switched: Because we believed in feature and usage improvement, as well as more credential control.

The installation was not at all straightforward. Naming is hard, URL recognition is painful, and auto-fill is freaking people out. Imagine you have 100 different logins for Google (Adwords, Analytics, personal, merchant), and LastPass always fills out the first match, based on the URL.

Inhouse.

If you import from sources like XML, keepass, CSV files be sure to clean the import files, this reduces the adjustments in the slow tool itself. So take some extra effort to have clean files when moving to LastPass otherwise you end up manipulating each individual entry.

We have not evaluated other options, we were more or less early adopters and haven't tried other solutions.

Consider picking another solution.

We use it for keeping track of the passwords and ensuring that we have a good level of password complexity.

It is easy to use.

Its user interface should be better, and there should probably be more information about scalability.

I have been using this solution for three months.

I haven't had any timeouts or anything like that, so I would say it is stable.

I don't know about its scalability. This is a point that I'm trying to figure out.

We have about 15 users who are evaluating it. Its usage will depend on the outcome.

I haven't tried their technical support.

From what I've seen, I would recommend this solution to others depending on their needs.

I would rate LastPass Enterprise a seven out of ten.

Primary use case is to manage passwords and synchronize passwords for accounts, between the users that have permission to access those accounts.

If you have a password manager, there's improvement for the organization, of course. For the users themselves, they're using more complicated passwords; no more having the same password everywhere. And to access the Vault, you need two-factor identification: a master password and the two-factor. And all of this is encrypted. So security has increased. For those who are using it in the organization, it has improved their security for sure.

• Until now, I haven't found anything like the dashboard. It gives you a security score. I find that to be really great.
• The Sharing Center is really great as well.
• The Security Challenge is really great too. I like that feature.

From a technical standpoint, it's working great. I don't see many issues. One thing I wish LastPass had is an integration with Active Directory, not for synchronizing users but to actually manage, in some way, privileged accounts by replacing the password of LastPass itself.

Also, at the moment, for the whole company, we are going to use software called Passportal. The main reason is the synchronization of the automation of password changes. That is really important. I know LastPass can change them for 75-plus websites if they don't have two-factor identification. If they do have two-factor identification, you cannot change them. In case of an emergency, there's no one-click button to change your password.

Until now, I haven't experienced any instability with LastPass. I have used LastPass myself for the last three to five years. For the company, I implemented it about five to six months ago.

I don't think there is an issue with scalability. But if your going on an Enterprise Environment where you would like more Advanced option for an Enterprise Password Management solutions Like for example Automatic Password Import(in Remote Desktop, and other in house Applications) so the users don't have a way to copy the password and see it, Automatic Password Replacement ( For Example in case of Emergency Replace all passwords because of Rogue Engineer  or after an Engineer uses a password for an immediate password replacement, User Session Recording for Administrator when there using an administrator password and allot more. 

My only concern up until now is the communication, especially since this is for work. They do respond but sometimes, if you want to get in contact with somebody, it's really difficult when it comes to LastPass.

For example, I started LastPass Enterprise and I tried to contact sales or a contact person. For me to actually get in touch with somebody was really difficult. I even tried to give my name and email and they told me they would get back in contact with me. At first, I thought it may be something with my email domain, that maybe something about LastPass was dropping my emails. Then I started using my live domain email. Even so, I didn't receive any contact. So, my experience with LastPass is that it's a great solution, but when it comes to communication and support, it has been tough.

When it comes to opening a ticket, they do respond within one day. But, for immediate contact, no. It was crazy, especially in the beginning because I was so enthusiastic, I wanted to start right away. I tried for three weeks to a month to contact sales because I had many questions. It got so crazy that for me to actually get in contact with LastPass I even called LogMeIn to see if they could find a way to transfer me to LastPass.

LastPass is a great solution, but, because of the communication, I didn't actually start it as a solution for our enterprise business. That's why it has been only for four to five users.

It was one of the easiest for implementing passwords. You can sync it with Active Directory. There were certain sites that I couldn't sync it with and I needed to input a password manually but it was really straightforward. Their interface is really easy to understand. It's not too difficult.

It took less than one day to get everybody onboard, the five people using it. It was really easy. The only thing they needed to do was import some passwords that they had and change some passwords.

I did it myself.

This is the best Pricing you will get a for Password Management solutions.

I have been involved with many password managers. Passportal, Secret Server, CyberArk, and BeyondTrust. I chose LastPass for our organization because of the pricing. The organization didn't want to implement something really expensive. LastPass, for what it's offering, for the price at which it's offering the service, is unbeatable.

The licensing for LastPass is straightforward.

If you're looking for a password management solution that can hold your passwords and share passwords among employees, one that is cloud-based - and even without the internet you can still access passwords - and if you need a solution that that has the best price for the best product, LastPass is the one. But if you're a person who works in IT who wants to put passwords in privileged accounts and manage them with automation and everything that an enterprise password manager is required to do, LastPass is not the solution for you. You have to search for something else.

In our organization, the roles of the LastPass users are just below executive level. Their decisions, and what they do, can influence the company. They manage LastPass themselves. In the Sharing Center is the Shared folder. If somebody is going to change a password, they need permission to do so. In our case, they all have permission to change a password. If a password is changed, it's changed. That's it. I don't really see the need for a person to maintain LastPass.

The two main reasons my company cannot move to LastPass are because of the synchronization issue and the poor communication.

I rate LastPass at eight out of ten. It offers everything you need for a password management solution. The con that makes it less than a ten is the communication with support and sales. Normally, you just contact sales at a company and you can reach them easily, to start gathering information, to talk with them about your plan and, sometimes, to get a demo, based on your plan. I didn't have that with LastPass.