When comparing LastPass vs KeePass, the Slant community recommends KeePass for most people. In the question“What are the easiest to use password managers?” KeePass is ranked 2nd while LastPass is ranked 12th. The most important reason people chose KeePass is:
KeePass being open source means that a number of people have reviewed the code and found it to be secure.
Specs
Ranked in these QuestionsQuestion Ranking
Pros
Pro Automatic cloud backup and cross-device sync
LastPass keeps an encrypted copy of all passwords locally as well as an encrypted copy on their servers. That way, passwords can be accessed locally while offline, or through their server while online from any machine.
Pro Multifactor authentication
LastPass offers multiple multifactor authentication options, including Google Authenticator, Grid Multifactor Authentication, Microsoft Authenticator App, Toopher Authentication, Duo Security Authentication, Transakt Authentication, Sesame Multifactor Authentication, Smart Card Authentication and Yubikey Multifactor Authentication.
Pro All encryption and decryption is done locally
All the encryption and decryption is done by the client (JS/App) so even LastPass doesn't have access to passwords.
Pro Seamless autofill and password generator via plugins for all popular browsers
All common browsers, including Opera, have plugins that allow automatically filling in forms and generating passwords. All form fill information syncs across all platforms, devices and browsers. Password generator can be adjusted to use or exclude certain characters and patterns.
Pro Automatic security monitoring
LastPass will check for re-used and unsafe passwords.
Pro Fingerprint verification
Some fingerprint readers, like TouchID on iOS, Samsung, Sony Xperia, or LG Mobile devices, can be set up to be used to access LastPass instead of a master password.
Pro Allows sharing passwords with one person or a group of people
LastPass allows sharing login data for a site with another user of LastPass without exposing the password. Great for allowing friends, family or coworkers access a site.
Pro Clean and intuitive UI
Since version 3.0 the LastPass interface is clean and easy to navigate on all platforms.
Pro Offers multiple export options
LastPass can dump the whole database as a .csv file or an encrypted file that can then be decrypted using LastPass Pocket as well as separately export Wi-Fi passwords and autofill information. Additional export options are available on a per-browser basis.
Pro Works with portable versions of Chrome and Firefox
Firefox 2+ on Windows, Mac & Linux as well as Chrome 4+ on Windows and Linux support a portable version of LastPass. Great for securely accessing LastPass Vault from public or untrusted computers.
Pro Works on Linux
LastPass alongside KeePassX are the only cloud-syncing password managers that work on Linux.
Pro Does not require a standalone app
While many password managers require a standalone app to be installed on the system, LastPass does not and can function via browser plugins.
Pro Military grade encryption
Lastpass has 256-bit AES encryption implemented in C++ and JavaScript with one-way salted hashes.
Pro Password one-click change
LastPass is able to change your password automagically.
Pro Yubikey support
LastPass offers multifactor authentication via Yubikey.
Pro Password security check up
Gives score based on password use and strength. Score is bad on other LastPass users and denotes where you fall in that group.
Pro Can create one-time passwords for accessing the Vault
LastPass allows creating passwords for accessing the LastPass Vault that can only be used once. Great for accessing the Vault in public or untrusted places.
Pro Vetted by Steve Gibson
Steve Gibson is a well established security researcher best know for his work with Apple and Atari systems as well as founding Gibson Research Corporation. He was given access to LastPass' source code and confirmed that it's safe to trust its security.
Pro Allows downloading an encrypted database backup that can only be decrypted with LastPass Pocket
LastPass Pocket is a standalone personal database decrypter. It's a portable executable, meaning it does not need to be installed, that is used to decrypt a local encrypted copy of the password database.
Pro Has native integration via app for Android
Fills in passwords in android apps without loading into LastPass directly.
Pro Works even with browsers that don't support plugins
Via a clever use of bookmarklets, LastPass works on browsers that don't inherently support bookmarklets, like Opera or Safari on iOS.
Pro Credit monitoring in US
LastPass can be set to notify if a user's credit report suddenly changes.
Pro Great free features
A large amount of features for the free version.
Pro Works with Windows applications with native app
Can record the steps and use it to login to native Windows apps.
Pro Full integration on iOS
Along with apple’s own key manager, LastPass is the only password manager on iOS with full, complete, subsystem access.
Fill passwords in any web browser.
Full passwords in most apps.
Pro Free and open source
KeePass being open source means that a number of people have reviewed the code and found it to be secure.
Pro Cross-platform desktop and mobile
Available for Windows, with unofficial ports for Linux, macOS, Android, and iOS.
Pro Reliable
KeePass is consistent and stable across all clients including merging conflicts between desktop and mobile apps.
Pro Powerful built-in password generator
Password generator can be adjusted to use or exclude certain characters, patterns, external algorithms and principles.
Pro Autofills passwords securely
KeePass uses a feature called AutoType that pastes passwords in browser window using a combination of virtual keystrokes and clipboard obfuscation for added security against keyloggers.
Pro Does not depend on the cloud
Unlike many other password management tools, by default the KeePass encrypted database is not stored in the cloud, but strictly locally, for added security.
Pro Can be used as a portable application
Works as a portable application that does not need to be installed and can be carried around in an external device.
Pro Extremely powerful encryption algorithm
KeePass uses AES-256 encryption for passwords which is practically unbreakable.
Pro Extensive plugin and extension support
Keepass offers a range of plugins and extensions in different categories: Integration & Transfer, Automation & Scripting, Cryptography & Key Providers, and others.
Pro Multifactor authentication
Keepass offers a combination of master password, key file and user account verification.
Pro Allows storage of attachments such as pictures, documents and all kinds of files in general
Appending attachments to individual credential entries allows things like scanning important documents (for instance a scanned document containing the login information for your internet connection), appending them to the corresponding credential entry and afterwards destroying the original paper copy.
Pro Offers multiple sync options
Since the database is stored locally it can be synced across devices using a cloud storage service like Dropbox, Google Drive or via a file sync tool like BitTorrent Sync. KeePass v2 also provides a powerful built-in synchronization mechanism that allows setting appropriate level of sync, kind of sync, and choosing between a number of sync sources (Dropbox, Drive, etc).
Pro Regular updates
On average a new point release is available every 3 months.
Pro Due to the open source nature, there are numerous apps for Android available that support KeePass
Offers large variety of apps with different features and user interfaces vastly increasing the user base by catering to almost every taste.
Pro Intuitive categorization options and search for managing entries
Entries can be categorized in folders and subfolders and quickly found using search.
Pro Built-in history that tracks changes to individual credential entries
With the built-in history you can lookup previous passwords, track changes in general and if necessary recover those. In essence you are looking at a built-in Version Control System (VCS) which operates on single entries. Browsing the history of specific entries also displays associated metadata like the date of a change.
Pro Allows useful scripting via KPScript plugin
KeePass can set global hotkeys to fill in credentials while on a sites log-in screen. Scripting can launch a site or other application and perform any necessary log-on steps securely. It requires the KPScript plugin.
Pro 100% Free
No paid version. Free for everyone.
Pro Various iOS clients available
e.g. KeePass Touch, MiniKeePass.
Pro Customizable password records
Users may define any extra fields (eg. "Surname", "Credit Card No", "Start Date", "Expiry Date" and "Security No") and their values may then be easily copy-and-pasted when required. This is a great feature not found in a lot of password-managers: they leave you to consign such additional information to the "Notes" section.
Pro Clear, concise user interface
This app has the easiest, cleanest, and clearest user interface. For reference, LastPass has progressively gotten worse and worse and is now a confusing mess, while Keepass remains very user-friendly.
Pro Works inside Android apps
There are variations in support of features, so this is dependent on the Android app being used. Keepass2Android is one that has built-in synchronization over ssh and other protocols, fingerprint support and plugins are also supported to a certain extent.
Pro Recommended by a number of European governments and the EU
KeePass is recommended by the German Federal Office for Information Security, the European Commission’s Free and Open Source Software Auditing (EU-FOSSA) project, and the French Network and Information Security Agency.
Pro Support in iOS Safari browser
Difficult passwords are mostly a PITA on a mobile keyboard.
Pro Blackberry support
Keepass has an available Blackberry app that not only makes it easy to use on the go, but will work with any files backed up in the cloud for ease of access to stored passwords used on different machines.
Cons
Con Forced cloud backup
The is no way to opt-out of saving all of passwords on LastPass servers.
Con Has been hacked before
And becomes extra bad as you are forced to have everything at one central cloud place.
Con Recently doubled annual subscription rates
This applies even if you're a re-subscribing customer.
Con Somewhat poor customer service
LastPass maintains a support forum which they mostly ignore, labeling it "mostly peer-to-peer support" leaving only their e-mail ticket system to turn to.
Con Not free/libre
This application is proprietary, and thus cannot be modified, freely distributed, or trusted to be secure.
Con History of bad support for the company behind LastPass
You never know how much you will pay for it because LogMeIn did the same with Hamachi product. Support will be bad.
Con Rates are ridiculous for one user
They cut services and increased prices after they were purchased by LogMeIn.
Con Doesn't Encrypt URL
Lastpass doesn't encrypt the links stored in the vault, which can be accessed by hackers. Encryption ONLY applies to Password and Username.
Con Very bad UX for sharing passwords with other people (in free version)
When on lastpass.com you update the contents of a password file, it gets updated only on your side, not on the side of people it is shared with (and the UI does not tell you anything about this).
Also, when you want to share a password file with someone, they often have trouble accessing it (bugs in registration or acceptation of the shared document).
Con No longer free
Least expensive plan is $2/month. Formerly, the lowest paid tier allowed sharing with family members. Now there's a family plan for $4/month.
Con Poor Email Support
Email support is slow and just offers canned responses that are not anymore helpful then their documentation.
Con Forgets to ask "add new site?" on some websites
So you are forced to add a new site manually, which takes too long (relatively speaking).
Con Clutzy configuration to have multiple URLs for one credential
LP does not have a single place to view or edit all URLs related to a given credential. It has the main one then the rest on an "equivalent URL" configuration page.
Con Cross-browser/client single login breaks all-the-time!
Spend lots of time trying to make it work and another day it's just broken again. Very frustrating.
Con During login, application loads for a very long time
Con Domain & path matching is overly complex
I want simple "this domain (along with its subdomain) should match these". There are features for that - "Equivalent Domains" & "URL Rules". But still I can't get it working for certain items, so that I have to duplicate them.
Con When generating passwords, LastPass tends to put the wrong info in forms
For forms with both an email address and username, LastPass tends to mix up and overwrite information.
Con Randomly loses custom/extra fields/passwords
Sometimes they get wiped. Don't forget to copy them into the notes section in the first place, which seems to be generally stable.
Con Can't start on mobile
Apparently you have to start with their web interface and/or browser extension. Can't just start on mobile.
Con Autofill glitchy
Hit and miss with autofill either filling or being able to submit.
Con Inconsistent categories
They get shuffled around. E.g. once a top level "_None" category was introduced by itself. Still couldn't get the hang of it.
Con Doesn't always log out when idle
This issue is especially common with the mobile app.
Con Mobile apps are not intuitive
There are large differences between iOS and Android; as well as from the base desktop and cloud interfaces. Option A doesn’t correspond to the same thing across platforms. Functions have different names on different platforms, and under different settings.
Con Not particularly modern UI
Difficult to use for new users. Small font.
Con No good cross platform syncing ability
E.g. between Windows and mobile.
Con Officially supported only on Windows, Mono or Wine
While there are ports available for Linux, OSX, iOS, Windows Phone and Android, the only officially supported version of KeePass 2 is on Windows and all platforms running Mono like Linux, Mac OS X, BSD. KeePass 1 is supported on Windows and Wine.
Con Outdated website
Extremely outdated website, which deters news users.
Con iOS support for syncing (not true -> KeePass Touch)
KeePass Touch supports a whole range of cloud sync options.
iOS clients still have somewhat limited syncing options for password files - such as DropBox.
Con Balkanized app ecosystem
There are a lot of different KeePass apps made by different people depending on your platform, e.g. Firefox, iOS, etc. Quality can be inconsistent and you need to trust each different set of authors.
Con No true multi-user and logging
Does not support multiple logins (different credentials) to database.