Met onze nieuwe functie SaaS Protect in Business Max krijgt u meer controlemogelijkheden en kunt u apps zonder goedkeuring direct blokkeren.

Why trust Lastpass

Is LastPass Secure?

Yes, LastPass is more secure than ever. We've rebuilt our core technology, revamped our processes, and restructured our team to deliver a safer, more private, and user-friendly experience—leaving no stone unturned.

Learn more

What has LastPass done since the breach?

People

LastPass strengthened its security leadership and launched two specialized teams—POST to protect privacy and prevent fraud, and TIME to deliver threat intelligence and stay ahead of evolving security threats.

Learn more

Process

LastPass completed a full security audit, strengthened access controls, and maintains top industry certifications including SOC2 Type II, ISO 27001, SOC3, BSI C5, TRUSTe, and an Independent Security Review by Google Play.

Learn more

Technology

LastPass transitioned to a purpose-built, secure cloud platform, designed and deployed a new secure software factory, and implemented advanced security tooling across its newly established development and production environments.

Learn more

Entirely new, entirely secure

In the process of becoming a standalone company, we have seized the opportunity to re-imagine and build a new LastPass from the ground up, leaving no stone unturned. We committed to a multi-year, multi-million-dollar investment in security across people, processes, and technology.

From major infrastructure improvements to hiring top security experts to implementing new security protocols - all efforts are geared towards building a strong and more secure foundation.

Learn more

Core Security Upgrades

To deliver stronger protection and earn lasting trust, LastPass has implemented foundational security upgrades across infrastructure, encryption, and access control.

  • Strengthened device, cloud, and endpoint security through enhanced monitoring, advanced detection and prevention controls, new cloud posture management, and upgraded endpoint protection.
  • PBKDF2 iterations increased to 600,000 for stronger password hashing.
  • Primary URL encryption in vaults to enhance privacy and support zero-knowledge security.
  • AES-GCM-256 encryption adopted; legacy cipher modes retired.
  • Secure software factory implemented with SBOM tracking and SLSA compliance.

See what sets LastPass apart

Explore the features, security innovations, and trusted performance that make LastPass the go-to solution for individuals and businesses worldwide—backed by industry-leading technology, a zero-knowledge architecture, and a commitment to continuous improvement.

Compare LastPass

Future-ready, security-driven

LastPass is going beyond passwords to help businesses manage access with less hassle and more control. Our Secure Access Experiences combine the password manager you trust with new tools that let you decide who can access what, based on your own policies. You’ll get better visibility into user activity, stronger security across your team, and fewer headaches for IT. Whether you're just starting out or managing a global workforce, LastPass makes secure access simple and affordable.

Learn about Secure Access Experiences

Why you can trust LastPass today

  • The G2 leader in all password managers
  • Regular expert security audits
  • Top-tier security measures
  • Modern infrastructure & tools
  • Industry-leading threat intelligence
  • Transparent threat intelligence
Read our reviews on G2
Trust center

Want to see our security? Find the latest GRC updates here.

Visit Trust Center
Compliance center

What is LastPass doing to stay compliant?

Find the latest certifications, policies and security documentation.

Visit Compliance Center
Responsible Disclosure Program

We partner with experts to enhance security

Our commitment to security is unwavering. We swiftly address vulnerabilities, supported by continuous reviews and insights from the security community.

Responsible disclosure program
Resources

Explore LastPass documentation

Consult the documentation on product-specific technical, organizational, and compliance measures.

View the library

Featured resources

Blogpost

2022 security incident update

Details on the findings and actions from the completed investigation.

Read the blog post
Support

Latest security updates

LastPass is prioritizing further investment in security, privacy, and operational best practices - review the latest progress.

Learn more
Blogpost

From the CEO: A New Era for LastPass

Details on the evolution of LastPass and where we’re headed.

Read the blog post

View all resources

Vertrouwd door bedrijven en particulieren overal ter wereld

Miljoenen

klanten beveiligen hun wachtwoorden met LastPass

Beoordeling in Chrome en App Store

Gebaseerd op ruim 79.300 recensies

Leider op het gebied van wachtwoordbeheer

Gebaseerd op ruim 1600 recensies

100.000+

bedrijven kiezen voor LastPass

“Onze partners willen hun klanten een complete oplossing voor wachtwoordbeheer aanbieden, die hun beveiliging betrouwbaar en eenvoudig versterkt. Beveiligingsteams moeten zich kunnen concentreren op andere tijdrovende taken en de software moet handig werken voor eindgebruikers, zodat hun dagelijkse werk niet wordt onderbroken door aanmeldingen met een wachtwoordinvoer.”

Sarah Geary

Chief Commercial Officer, Distology
icon_trust_stars-svg

“Ik gebruik LastPass zowel zakelijk als privé. Ik kan veilig wachtwoorden opslaan en delen met collega's of met mijn gezin in aparte omgevingen, en het maakt heel eenvoudig willekeurige sterke wachtwoorden voor me aan. Dat voorkomt dat ik overal hetzelfde wachtwoord gebruik.”

Lees de volledige recensie

Erik Eckert

System Administrator bij MPE Engineering Ltd.

“Met ruim 350 applicaties voor een team van meer dan 3.500 mensen hadden we een hoog blootstellingsrisico. Om gebruiksvriendelijke single sign-on mogelijk te maken, hebben we gekozen voor LastPass met zijn waterdichte beveiliging van elk toegangspunt en elke aanmelding.”



Tony Ledbetter

Senior IT Security Manager, HOLT CAT

Frequently asked questions

LastPass uses a zero-knowledge encryption system to protect your data. Your device encrypts and hashes your passwords locally before sending them to LastPass. When you need to log in, your encrypted data is returned and decrypted only on your device—never by LastPass.

No. With LastPass’s zero-knowledge model, your master password and everything stored in your vault—like login credentials, payment info, and secure notes—remain completely private and inaccessible to LastPass.

LastPass uses strong encryption techniques, including 256-bit AES and PBKDF2 with SHA-256 hashing and salting. Your master password is never stored in plain text, and only you know it. This ensures that only you can unlock your password vault.

LastPass remains secure and has made major upgrades to its infrastructure and security practices. These include moving to a secure cloud platform, deploying managed devices, enhancing its vault, and achieving ISO 27701 compliance. Dedicated teams now focus on privacy, threat intelligence, and customer protection, with real-time updates available through their Compliance Center.

LastPass is a widely used password manager. After a security incident in December 2022, the company has invested heavily in improving its systems and processes. It continues to offer secure tools for managing digital credentials for individuals and businesses. Learn more about what has been done to secure LastPass.

A password manager like LastPass is one of the safest options. It stores your credentials in an encrypted vault, allowing you to use strong, unique passwords for each account while simplifying password management.

While LastPass is a secure choice, other password managers may offer different features. The most important thing is to choose one with strong encryption, regular security audits, and good privacy practices. Regardless of the tool, using two-factor authentication and staying alert to phishing threats are key to staying secure.

The free version of LastPass has some limitations, such as syncing on only one device type and missing features like password sharing and emergency access. These are available in paid plans, which may be necessary for users needing more advanced functionality.

Learn more about why LastPass is loved by millions and recognized by experts

Don't see your questions here? Visit Support Center.