When comparing Turtl vs LessPass, the Slant community recommends LessPass for most people. In the question“What is the best cross-platform password manager?” LessPass is ranked 11th while Turtl is ranked 19th.
Specs
Ranked in these QuestionsQuestion Ranking
Pros
Pro Multiple Platforms (Windows, Linux, macOS, Android, Firefox, Chrome)
Turtl has applications for all the major operating systems, as well as Android. In addition, there are extensions available for Firefox and Chrome that cooperate with the downloadable applications.
Pro Open source
The app is licensed under GPLv3 making it open source. This means that anyone can use the code and contribute. This also makes it easy to use on one's own server or for company solutions.
Pro Good security
After assigning a password to your account in Turtl, a key is created to encrypt the entire account. No data is stored on their servers meaning they have no access to unencrypted content. This is a huge leg up when comparing to other Evernote alternatives.
Pro Open source
Pro Really platform-free
Works everywhere, in any device that can run javascript.
Pro Doesn't store passwords
If it's not stored, it can't be stolen.
Cons
Con No iOS app
While many other operating systems have a client, iOS does not have one yet (though it is planned).
Con No image embedding
Instead of image embeddings, there's a sort of poor man's substitute: image + description. If you add an image, you can create a description of any size and with all the formatting features. It can be used instead of image embedding but much more limited: only one image and only at the very top.
Con Internet dependent
Requires Internet connection to initiate offline mode, loses access to notes without Internet or server.
Con Deterministic
Deterministic password managers have many drawbacks.
Con Cannot store existing secrets
Existing secrets (aka passwords) cannot be stored with deterministic password managers. In order to use LessPass effectively, you will need to change your password on every site.
Con Easily cracked with exposed/compromised master password
Since anyone can use LessPass with the same parameters as you, all they need is your master password (which could be obtained through keylogging or numerous other methods) to gain access to every one of your site passwords.