LastPass

LastPass

Password management and secure vault solutions

Overview

LastPass provides password management and secure vaults for individuals and businesses. Its core product is a password manager that securely stores passwords and auto-fills them, reducing breach risk and improving convenience. It also offers secure notes, form filling, and multi-factor authentication to protect data. The service runs on a subscription model with free and premium plans for individuals and customizable enterprise plans with advanced security, administrative controls, and compliance tools. LastPass differentiates itself through ease of use, strong security measures, and a reliable reputation, serving a broad customer base from individuals to large enterprises with robust security features and administrative capabilities. The company aims to simplify protecting online credentials and sensitive information while improving security and user productivity across personal and organizational use.

About LastPass

Simplify's Rating
Why LastPass is rated
C
Rated C on Competitive Edge
Rated B on Growth Potential
Rated D+ on Differentiation

Industries

Consumer Software

Enterprise Software

Cybersecurity

Company Size

501-1,000

Company Stage

Acquired

Total Funding

$110M

Headquarters

Boston, Massachusetts

Founded

2008

People at LastPass

People at LastPass who can refer or advise you

Simplify Jobs

Simplify's Take

What believers are saying

  • NCSC passkey endorsement drives LastPass adoption among passkey-native security users.
  • Free scanner tool accelerates onboarding for users migrating from sticky notes.
  • LastPass retains tens of millions users despite past security controversies.

What critics are saying

  • Klue supply-chain breach exposes customer data enabling hyper-targeted phishing attacks.
  • ETH Zurich study reveals zero-knowledge flaws undermining core security promise.
  • 2022 breach causing $35M crypto theft accelerates user migration to Bitwarden.

What makes LastPass unique

  • LastPass offers Mobile Smart Scanner converting handwritten credentials via on-device OCR.
  • LastPass supports native passkeys alongside passwords in its secure vault.
  • LastPass provides enterprise admin consoles with shared folders and SSO integration.

Help us improve and share your feedback! Did you find this helpful?

Funding

Total Funding

$110M

Above

Industry Average

Funded Over

1 Rounds

Acquisition funding comparison data is currently unavailable. We're working to provide this information soon!
Acquisition Funding Comparison
Coming Soon

Benefits

Health Insurance

Generous parental leave

Flexible Paid Time Off

Home Office Stipend

Remote Work Options

Continuous learning and development opportunities

Employee Assistance Program

Remote-first culture

High-growth, collaborative environment with inclusive teams

Market-leading password manager

Peer-to-peer recognition

Short-Term or Remote-Centric Work Arrangements

Growth & Insights and Company News

Headcount

6 month growth

2%

1 year growth

2%

2 year growth

2%
dArt Studio
Jun 27th, 2026
Cybersecurity under siege: data breaches and nation-state attacks on the rise.

Cybersecurity under siege: data breaches and nation-state attacks on the rise. A recent string of high-profile data breaches has left many wondering about the safety of their personal information. LastPass, a popular password manager, has suffered another significant breach, with attackers gaining access to customer data including names, phone numbers, and email addresses. The breach occurred due to a vulnerability at Klue, an AI business intelligence firm, which allowed hackers to compromise access tokens and steal data from integrated platforms like Salesforce. LastPass has assured customers that their password vaults remain secure, but warned of potential phishing attacks and social engineering attempts. Meanwhile, former national security adviser John Bolton has pleaded guilty to mishandling classified defense information, and Microsoft has disrupted the infrastructure of two major malware operations, Amadey and StealC, in a joint effort with Europol. The operation, dubbed Operation Endgame, seized servers and domains, and recovered millions of stolen access credentials. In Australia, the Security and Intelligence Organisation has announced the establishment of teams to counter nation-state cyberattacks on critical infrastructure, after discovering hackers had compromised a major provider's network. As the World Cup approaches, soccer fans are being warned of scams and phishing attempts. OpenAI has launched an improved version of its GPT-5.5-Cyber model, and introduced a new initiative, Patch the Planet, to support open-source projects on vulnerability patching and security issues. With the AI arms race between China and the US escalating, experts are warning of a potential 'Chernobyl moment' in the world of cybersecurity. As the situation continues to unfold, one thing is clear: cybersecurity is under siege, and it's up to individuals and organizations to remain vigilant and take steps to protect themselves. dArt Studio installs AI for local businesses in Broward & Palm Beach County, FL. dArt Studio reply within 1 business hour.

Bulletproof Servers
Jun 23rd, 2026
LastPass confirms data breach in Klue supply chain attack

LastPass confirms data breach in Klue supply chain attack. LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month. The password management platform says its products, services, and infrastructure were not affected by the incident and that customer vaults remained secure. "On June 12th, LastPass was made aware of an incident that occurred at Klue (klue.com), a third-party market intelligence platform utilized by our go-to-market teams, which integrates with our Salesforce and Gong systems," LastPass says. "We immediately launched an investigation and learned that, as part of this incident, an unauthorized actor was able to obtain OAuth tokens Klue held for many of its customers, including LastPass." "The threat actor then used these credentials to access LastPass customer data within our Salesforce environment." The investigation into the incident did not reveal any evidence that the attacker accessed Gong-related data, which typically includes customer calls and emails. According to LastPass, the following data may have been exposed: * Customer names * Phone numbers * Email addresses * Physical addresses * Support case information * Sales/CRM-related data Attackers may leverage the above information in phishing and social engineering attacks. The general recommendation for users is to be cautious of unsolicited communications over the phone or email, especially those that request sensitive details. The master password should not be shared with anyone. The Klue supply chain attack was claimed by the Icarus extortion group, who compromised the infrastructure of the AI-powered market intelligence platform and stole OAuth tokens that connected customers' Salesforce environments. Icarus hackers gained access to Klue's infrastructure using compromised legacy credentials for an integration service. This gave them access to OAuth tokens that connected Klue to various third-party services. The incident impacted multiple organizations, including Recorded Future, Tanium, Jamf, Sprout Social, Gong, and Insurity. The threat actor exfiltrated Customer Relationship Management (CRM) data and launched an extortion campaign. LastPass has disabled employee access to Klue, rotated the exposed API/OAuth tokens, and notified law enforcement while the investigation is underway. The company also warned about the threat actors using the sender domains baccarat.com[.]au, robinskitchen.com[.]au, house[.]com.au, noting that only communications from the official support channels should be trusted.

International Business Times Australia
Mar 24th, 2026
Is LastPass down? LastPass experiences intermittent outage, users report vault access and login issues.

Is LastPass down? LastPass experiences intermittent outage, users report vault access and login issues. Published 03/25/26 AT 2:01 AM AEDT LastPass, one of the world's most widely used password managers, faced widespread user complaints of login failures and vault access problems Tuesday, March 24, 2026, prompting the company to acknowledge an internal issue and launch an active investigation. As of midday Eastern Time, the company's official status page at status.lastpass.com showed an "Investigating" alert posted around 13:00 UTC (9 a.m. EDT), stating engineers were working to resolve reports of degraded service. Components including the marketing website, support site, MFA and certain regional services showed "Major Outage" indicators in real time. Downdetector and other monitoring sites recorded a sharp spike in user reports beginning around 8:56 a.m. EDT, with the majority of complaints centered on inability to log in or access stored passwords. Social media and Reddit threads filled with frustrated users unable to retrieve credentials for work, banking and personal accounts. LastPass's official Twitter account, @LastPassStatus, posted an apology: "We apologize for any disruption accessing your LastPass Vault today. This internal issue is currently being addressed and we expect services to be fully restored shortly." The incident marks the latest service disruption for the password manager, which has more than 25 million users worldwide despite past security controversies. LastPass, owned by GoTo (formerly LogMeIn), stores encrypted passwords, credit card details and other sensitive information in the cloud, allowing users to autofill logins across devices via browser extensions and mobile apps. No widespread outage appeared on March 23 or earlier days in the month, according to the status page history, which listed no incidents for March 2026 prior to Tuesday. The most recent resolved incident occurred in mid-February, when login verification emails failed for several hours. Users experiencing problems reported a range of symptoms: browser extensions failing to connect, mobile apps showing authentication errors, and the web vault remaining inaccessible even after correct master password entry. Some said they could reach the LastPass website but not the vault itself. Others noted that federated login options and multi-factor authentication prompts were also affected. Password managers like LastPass have become essential tools in an era of dozens or hundreds of online accounts per person. When they go down, the impact can be immediate and frustrating, especially for remote workers, businesses and individuals who rely on them for daily access to email, banking, productivity suites and government services. LastPass has faced scrutiny in recent years following high-profile security incidents. In late 2022, the company disclosed a breach in which attackers accessed encrypted vaults and other data after an earlier incident compromised source code and developer systems. Although customer master passwords remained protected by strong encryption, the episode led to widespread criticism, class-action lawsuits and a migration of users to competitors such as Bitwarden, 1Password and Dashlane. Despite the history, many organizations and individuals continue using LastPass because of its enterprise features, including shared folders, admin consoles and integration with single sign-on systems. The company has invested in security improvements, including zero-knowledge architecture enhancements and regular audits, while reminding users to enable MFA and use strong, unique master passwords. Tuesday's outage arrived at a time when cyber threats remain elevated globally. With ransomware gangs and state actors targeting credential repositories, any downtime in a password manager raises questions about redundancy and backup plans. Security experts recommend that users maintain offline backups of critical credentials - printed or stored on encrypted external drives - precisely for situations like this. For affected users, LastPass support pages suggest basic troubleshooting: clearing browser cache and cookies, trying incognito mode, restarting devices, or reinstalling the extension or app. However, when core backend services are impacted, these steps often prove ineffective until the provider resolves the root cause. The company has not yet released a detailed root-cause analysis or estimated time to full restoration. In similar past incidents, resolution times ranged from under an hour to several hours. Users who can still access their vaults via cached sessions or offline mode are advised to avoid logging out until service stabilizes. Analysts note that password manager outages, while inconvenient, rarely expose user data because of end-to-end encryption. The primary risk during downtime is productivity loss and the temptation for users to temporarily store passwords in less secure locations such as notes apps or email. LastPass competes in a crowded market that has grown rapidly with rising awareness of password hygiene. Industry reports estimate the global password management software market will exceed $2 billion by 2028, driven by remote work, regulatory compliance and increasing cyber attacks. As of late morning Tuesday, some users reported gradual improvement in certain regions, but many continued to encounter errors. Monitoring sites such as DownDetector showed the spike in reports beginning to plateau, though not yet returning to baseline. The incident serves as a reminder of single points of failure in digital life. Experts recommend diversifying password storage - using a primary manager alongside secure notes or hardware keys - and regularly testing recovery processes. LastPass has not commented publicly beyond the status page and Twitter update. Company representatives typically provide post-incident summaries once service returns to normal, including any steps taken to prevent recurrence. For now, users are urged to monitor the official status page and @LastPassStatus for updates. Those unable to wait may consider temporary workarounds such as manually entering known passwords or switching to alternative access methods where possible. The broader password management industry has seen similar hiccups in recent years, underscoring the challenges of maintaining always-on, highly secure cloud services at global scale. Tuesday's events will likely fuel ongoing conversations about trust, transparency and the need for robust contingency planning among both consumers and enterprise customers. As the investigation continues, millions of LastPass users worldwide are left hoping for a swift resolution so they can regain seamless access to their digital lives. MEET IBT NEWS FROM BELOW CHANNELS

Business Wire
Mar 10th, 2026
LastPass launches Secure Access Essentials to tackle unmanaged AI and app security risks

LastPass has announced its expansion beyond password management with Secure Access Essentials, an approach designed to help businesses and individuals manage application access, AI tools and security controls. The company raised concerns about unsanctioned AI use, citing a Cybernews study showing 59% of employees use unapproved AI tools. The solution offers three core capabilities for businesses: discovering unapproved applications and AI tools, controlling user access across platforms, and unifying password management, single sign-on and multi-factor authentication. For individuals, it provides password protection, simplified secure access and dark web monitoring for compromised credentials. LastPass delivers these features through a single browser extension requiring minimal IT infrastructure. The company will showcase the solution at RSA Conference 2026, where it will demonstrate protection against uncontrolled AI access and weak credentials.

Business Wire
Feb 18th, 2026
LastPass Named a 2026 G2 Best Software Award Winner for Security Products

LastPass named a 2026 G2 Best Software award winner for security products. Recognized for high user satisfaction and market presence, LastPass ranks among the top secure access tools based on customer reviews and technical performance data BOSTON-(BUSINESS WIRE)-LastPass, a leading provider of secure access essentials that help organizations and users work, move faster, and stay protected, has been named to G2's 2026 Best Software Awards, ranked in the Best Security Software Products list. As the world's largest and most trusted software marketplace, G2 reaches over 100 million buyers annually. Its Best Software Awards rank the world's best software companies and products based on authentic, timely reviews from real users. The recognition in G2's 2026 Best Software Awards reinforces the company's leadership in credential management and highlights how LastPass continues to advance in response to today's complex threat landscape. "Businesses of all sizes want to secure access to applications, AI, and credentials. LastPass does that via a browser extension that's easy to set up, deploy, and manage," said Karim Toubba, CEO of LastPass Share "This G2 recognition is a powerful signal that LastPass is leading where security, productivity, and trust converge," said Karim Toubba, CEO of LastPass. "Businesses of all sizes want to secure access to applications, AI, and credentials. LastPass does that via a browser extension that's easy to set up, deploy, and manage." This achievement comes at a time when IT teams are busier than ever managing a complex network of SaaS and AI applications being accessed oftentimes outside of security policies by a workforce that's using their own devices and accounts. Securing these applications and credentials simply and efficiently is a top priority. LastPass continues to lead the way ensuring that lean IT teams have the essential, cost-efficient tools necessary to secure their digital workforce without compromising productivity. "As buyers increasingly shift to AI-driven research to discover software solutions, being recommended in the 'answer moment' must be earned with credible proof," said Godard Abel, co-founder and CEO at G2. "Our Best Software Awards are grounded in trusted data from authentic customer reviews. They not only give buyers an objective, reliable guide to the products that help teams do their best work, but they're also the proof AI search platforms rely on when sourcing answers. Congratulations to this year's winners, including LastPass. Earning a spot on these lists signals real customer impact." Visit www.lastpass.com to learn how LastPass helps manage and protect access across passwords, apps, and AI tools without added complexity. About G2's Best Software Awards G2's 2026 Best Software Awards feature dozens of award lists, ranking software vendors and products using G2's proprietary algorithm. The results are based on G2's verified user reviews and publicly available market presence data. To be eligible for the Best Software Awards, a software company or product must have received at least 10 approved reviews during the 2025 calendar year. Scores reflect only data from reviews submitted during this evaluation period. About G2 G2 is the world's largest and most trusted software marketplace. More than 100 million people annually - including employees at all Fortune 500 companies - use G2 to make smarter software decisions based on authentic peer reviews. Thousands of software and services companies of all sizes partner with G2 to build their reputation and grow their business - including Salesforce, HubSpot, Zoom, and Adobe. To learn more about where you go for software, visit www.g2.com and follow G2 on LinkedIn. About LastPass LastPass delivers Secure Access Essentials, helping people and organizations manage and protect access across passwords, apps, and AI tools without added complexity. Trusted by more than 100,000 businesses and millions of users worldwide, LastPass blends strong security with everyday simplicity. From uncovering unapproved apps and AI tools to reducing login friction and securing credentials across the business, LastPass helps teams and individuals stay productive, minimize risk, and remain prepared as their environments evolve. Discover how LastPass can help you work, move fast, and stay protected at www.lastpass.com and follow us on LinkedIn, X, Instagram, and Facebook. More News From LastPass BOSTON-( BUSINESS WIRE )-LastPass, a leader in identity and password management, today announced the appointment of Chris Michelmore as Chief Revenue Officer (CRO). Michelmore joins LastPass from Zoom Communications, where he spent more than a decade building and scaling high-performing revenue organizations across small business, mid-market, and commercial segments. In his new role, Michelmore will lead LastPass global B2B sales organization and acquisition strategy, with a focus on discipline... BOSTON-( BUSINESS WIRE )-LastPass, a leader in password and identity management trusted by over 100,000 businesses worldwide, announced a series of major advancements in 2025 designed to give users greater security, visibility, and control across work and life. Key updates include Passkeys, now available to all customers, and Business Max, a new SKU that introduces easy-to-use SaaS visibility and access control capabilities alongside other improvements that strengthen security and simplify user... BOSTON-( BUSINESS WIRE )-Today, LastPass announced the release of the Cyber Resilience Playbook: From Cyber Risk to Resilience in 2025, a strategic guide designed to help emerging and mid-sized businesses strengthen their cybersecurity posture. Authored by renowned cybersecurity expert Dr. Chase Cunningham ("Dr. Zero Trust") and commissioned by LastPass, the playbook is based on insights from over two dozen leading industry reports and offers a clear, actionable framework tailored for organizat... LastPass. Release Versions

Recently Posted Jobs

Sign up to get curated job recommendations

LastPass is Hiring for 6 Jobs on Simplify!

Find jobs on Simplify and start your career today

Don't see your dream role? Check out thousands of other roles on Simplify. Browse all jobs →