TL;DR: LastPass carries a Risk Score of 100/100 (Severe) based on 4 documented complaints from BBB filings, lawsuits, Trustpilot, and Reddit — the public record reflects a serious pattern of issues you should know about before buying.
LastPass is a password manager offering personal and business tiers for storing and autofilling credentials. Business pricing starts at $4/user/month. It was the most widely used enterprise password manager until 2022, when it suffered one of the most severe security incidents in password manager history.
Editorial summary
Independent analysis · 4 sources reviewed
Should You Trust LastPass?
LastPass was a dominant password manager that has been fundamentally changed by its 2022 breach. The incident — in which threat actors stole encrypted password vaults along with metadata needed to mount targeted decryption attacks — is the most severe breach in consumer security software history for its category.
Subsequent disclosures revealed compounding failures: a developer's home computer was compromised to get into production systems, encryption iterations on older accounts were below modern standards, and customer notification was slow. A series of senior LastPass employee cryptocurrency heists in 2023–2024 were attributed to attackers decrypting vault data from the breach.
LastPass remains operational and has made security improvements. For anyone evaluating it for new deployments, the 2022 breach is the single most important factor in the decision.
Is LastPass Worth the Cost? Complaint Category Breakdown
Each complaint type is weighted differently in the Risk Score. Billing and marketing deception weigh heaviest.
Where these complaints come from
Complaints are sourced from public platforms spanning US, UK, and global consumers. Each report links back to its original source.
| Platform |
Reports |
Who's reporting |
| TechCrunch | 1 | Various regions |
| KrebsOnSecurity | 1 | Various regions |
| Wired | 1 | Various regions |
| Security Research (Palant.info) | 1 | Various regions |
What Buyers Say About LastPass
Documented pricing complaints, billing issues, and support failures — newest first.
Our AI scanner searches Reddit, Trustpilot, BBB, and news sources for fresh complaints from the past year, paraphrases what it finds, and adds anything new to this page. Takes up to 90 seconds.
Lawsuits & Legal Action
CRITICAL
Source: TechCrunch · Dec 22, 2022
Added 4d ago
2022 breach: encrypted password vaults stolen along with decryption metadata
In December 2022, LastPass revealed attackers had stolen encrypted customer password vaults plus metadata — including URLs, usernames, and email addresses that aid in targeted decryption. The breach was executed through a compromised senior engineer's home computer.
Lawsuits & Legal Action
CRITICAL
Source: KrebsOnSecurity · Sep 9, 2023
Added 4d ago
Cryptocurrency thefts linked to breached LastPass vault data
In 2023 and 2024, blockchain security researchers linked over $35 million in cryptocurrency thefts to attackers who appeared to have successfully decrypted LastPass vault data to access victims' seed phrases.
Misleading Marketing
HIGH
Source: Wired · Mar 3, 2023
Added 4d ago
Slow, incrementally expanding breach disclosures criticized by security community
LastPass's 2022 breach disclosures came in multiple waves over months — each revealing a worse situation. The security community broadly criticized this approach as minimizing, preventing customers from making informed risk decisions.
Older account vaults had sub-standard encryption iteration counts
Post-breach analysis revealed that older LastPass accounts had PBKDF2-SHA256 iteration counts as low as 5,000 — far below the 600,000+ recommended at the time of the breach. Affected users were not proactively notified to update their master passwords.
Frequently asked questions about LastPass
Is LastPass worth the price?
No billing complaints have been documented yet for LastPass. Its Risk Score of 100/100 puts it in the "Severe" band. See the full complaints breakdown → before deciding.
Is LastPass easy to cancel?
Cancellation difficulty is one of the top SaaS frustration patterns. Check the complaints page → — we tag cancel-related issues under "Billing" and "Contract Trap" categories. If none are documented yet, run a scan to surface what's currently out there.
Does LastPass have hidden fees?
Hidden-fee complaints fall under our "Billing Issue" category. We've documented no billing complaints for LastPass so far. See all complaints → for the full picture.
How does LastPass compare to its alternatives?
We track other security & compliance automation tools and rank them by Risk Score. See our alternatives comparison → to find lower-risk options in the same category.
What are the biggest complaints about LastPass?
The highest-severity documented complaints involve lawsuits & legal action. Read all 4 documented complaints on the complaints page →
Is LastPass a scam?
Probably not in the strict legal sense — most SaaS products with bad reputations are real companies delivering a real (if disappointing) product. But "is it a scam" is the question people ask when they feel they were misled. Read our full scam analysis →
How does LastPass's Risk Score get calculated?
We weight each warning by severity (Low to Critical) and category, then aggregate. Lawsuits and misleading-marketing claims weigh heaviest. The current 100/100 score puts LastPass in the "Severe" band. Full methodology →
Where do these complaints come from?
Each warning is paraphrased from a public source — BBB filings, Trustpilot or G2 reviews, Reddit threads, Capterra ratings, court records, or news articles. The source URL is attached to every warning so you can verify it yourself. More on our methodology →