Log in through the extension

LastPass is best experienced through your browser extension. Install LastPass for Firefox to automatically login to sites as you browse the web.

Install LastPass Close

Trusted. Secure. Reliable.

Safeguarding your data is what we do, with proactive security and reliability as cornerstones of our mission.

“Understanding the LastPass architecture is the key to understanding why it's safe to trust them, why I trust them, and why I've completely switched my entire solution for managing passwords over to LastPass.” Steve Gibson Security Researcher at Gibson Research Corporation

Proven security model

Security is our mission at LastPass. At every step, we've designed LastPass to protect what you store, so you can trust it with your sensitive data.

SOC 2 Type 2 compliance

This detailed review of our controls and processes is a “gold standard” for confirming the security and reliability of LastPass.


Regular audits & pen tests

We engage trusted, world-class, third-party security firms to conduct routine audits and testing of the LastPass service and infrastructure.


Strong data encryption

Sensitive data is encrypted at the device level with AES-256 before syncing with TLS to protect from on-path attackers.


Bug bounty program

Our bug bounty program incentivizes responsible disclosure and improvements to our service from top security researchers. Learn More


Reliable Service

LastPass operates out of multiple, geo-distributed facilities that can handle all customer traffic for redundancy.


Transparent incident response

Our team reacts swiftly to reports of bugs or vulnerabilities and communicates transparently with our community.

Secure product architecture

LastPass is designed to keep sensitive data safe using a local-only security model.

Privacy by design

Biometric data is encrypted at the device level and never leaves the user’s device, protecting biometric data from server-side attacks.

Private Master Password

LastPass does not send or store the master password. We believe that if LastPass can’t access your data neither can hackers.

End-point encryption

Encryption happens exclusively at the device level before syncing to LastPass for safe storage, so only users can decrypt their data.

256-bit AES encryption

This algorithm is widely accepted as impenetrable – it’s the same encryption type utilized by banks and the military.

PBKDF2-SHA256 for brute-force attacks

We strengthen the master password and encryption key against large-scale, brute-force attacks by slowing down guesses.

Powerful security features

Businesses can take password security into their own hands with LastPass.

Multi-factor authentication

Add extra security to company date by leveraging LastPass MFA’s biometric and contextual intelligence, without adding more complexity.

Protect every access point

With coverage over cloud, mobile, and legacy apps through single sign-on and password management, LastPass Enterprise secures every access point.

All-in-one identity solution

Visibility from single sign-on to password management to adaptive authentication, without the hassle of managing multiple solutions.

Centralized IT control

The admin dashboard gives controls over user access, authentication, and password behavior with over 100 configurable policies to and improve security.

We value trust and privacy

Our password management system protects customer data through powerful security features. We implement strong encryption algorithms and safeguard your account across all devices. See the latest company updates on product security protection at our Trust & Privacy Center.

Try LastPass for Free

Get started with a free 14-day trial of LastPass Business today.