When comparing LastPass vs Zero Password Manager (formerly ID Guard Offline), the Slant community recommends Zero Password Manager (formerly ID Guard Offline) for most people. In the question“What are the easiest to use password managers?” Zero Password Manager (formerly ID Guard Offline) is ranked 8th while LastPass is ranked 12th. The most important reason people chose Zero Password Manager (formerly ID Guard Offline) is:
On Android, you can check the app permission on Google Play Store or phone settings. See [here](https://www.bluespace.tech/blog/offline/). On iOS, you can check the app activity in the latest iOS 15 system. See [here](https://www.bluespace.tech/blog/offline-2/).
Specs
Ranked in these QuestionsQuestion Ranking
Pros
Pro Automatic cloud backup and cross-device sync
LastPass keeps an encrypted copy of all passwords locally as well as an encrypted copy on their servers. That way, passwords can be accessed locally while offline, or through their server while online from any machine.
Pro Multifactor authentication
LastPass offers multiple multifactor authentication options, including Google Authenticator, Grid Multifactor Authentication, Microsoft Authenticator App, Toopher Authentication, Duo Security Authentication, Transakt Authentication, Sesame Multifactor Authentication, Smart Card Authentication and Yubikey Multifactor Authentication.
Pro All encryption and decryption is done locally
All the encryption and decryption is done by the client (JS/App) so even LastPass doesn't have access to passwords.
Pro Seamless autofill and password generator via plugins for all popular browsers
All common browsers, including Opera, have plugins that allow automatically filling in forms and generating passwords. All form fill information syncs across all platforms, devices and browsers. Password generator can be adjusted to use or exclude certain characters and patterns.
Pro Automatic security monitoring
LastPass will check for re-used and unsafe passwords.
Pro Fingerprint verification
Some fingerprint readers, like TouchID on iOS, Samsung, Sony Xperia, or LG Mobile devices, can be set up to be used to access LastPass instead of a master password.
Pro Allows sharing passwords with one person or a group of people
LastPass allows sharing login data for a site with another user of LastPass without exposing the password. Great for allowing friends, family or coworkers access a site.
Pro Clean and intuitive UI
Since version 3.0 the LastPass interface is clean and easy to navigate on all platforms.
Pro Offers multiple export options
LastPass can dump the whole database as a .csv file or an encrypted file that can then be decrypted using LastPass Pocket as well as separately export Wi-Fi passwords and autofill information. Additional export options are available on a per-browser basis.
Pro Works with portable versions of Chrome and Firefox
Firefox 2+ on Windows, Mac & Linux as well as Chrome 4+ on Windows and Linux support a portable version of LastPass. Great for securely accessing LastPass Vault from public or untrusted computers.
Pro Works on Linux
LastPass alongside KeePassX are the only cloud-syncing password managers that work on Linux.
Pro Does not require a standalone app
While many password managers require a standalone app to be installed on the system, LastPass does not and can function via browser plugins.
Pro Military grade encryption
Lastpass has 256-bit AES encryption implemented in C++ and JavaScript with one-way salted hashes.
Pro Password one-click change
LastPass is able to change your password automagically.
Pro Yubikey support
LastPass offers multifactor authentication via Yubikey.
Pro Password security check up
Gives score based on password use and strength. Score is bad on other LastPass users and denotes where you fall in that group.
Pro Can create one-time passwords for accessing the Vault
LastPass allows creating passwords for accessing the LastPass Vault that can only be used once. Great for accessing the Vault in public or untrusted places.
Pro Vetted by Steve Gibson
Steve Gibson is a well established security researcher best know for his work with Apple and Atari systems as well as founding Gibson Research Corporation. He was given access to LastPass' source code and confirmed that it's safe to trust its security.
Pro Allows downloading an encrypted database backup that can only be decrypted with LastPass Pocket
LastPass Pocket is a standalone personal database decrypter. It's a portable executable, meaning it does not need to be installed, that is used to decrypt a local encrypted copy of the password database.
Pro Has native integration via app for Android
Fills in passwords in android apps without loading into LastPass directly.
Pro Works even with browsers that don't support plugins
Via a clever use of bookmarklets, LastPass works on browsers that don't inherently support bookmarklets, like Opera or Safari on iOS.
Pro Credit monitoring in US
LastPass can be set to notify if a user's credit report suddenly changes.
Pro Great free features
A large amount of features for the free version.
Pro Works with Windows applications with native app
Can record the steps and use it to login to native Windows apps.
Pro Full integration on iOS
Along with apple’s own key manager, LastPass is the only password manager on iOS with full, complete, subsystem access.
Fill passwords in any web browser.
Full passwords in most apps.
Pro Unique extension design
The extension is a remote autofill framework without storing passwords or requiring sign-in. Its design can help minimizing the security risks caused by browser vulnerabilities.
After you scan the QR code on a desktop browser to confirm filling, your password will be encrypted on your mobile app first, then sent to the cloud server via a mobile browser, and finally arrive at the extension to be decrypted and filled in.
Check this to know more details.
Pro Security chip encryption
The app protects your data with your phone's security chip, the same chip used by smartphone wallet to protect payment cards.
NFC Card in Android Pay.
iOS Apple Pay components.
Pro Backup & restore
You can back up all your data including passwords, OTP, attachments etc, with AES-256 and PBKDF2 encryption.
The app also allows you to send your backup password to your friends in encrypted form in case you forget it. Friends help save the encrypted backup password but cannot decrypt it, let alone access your database.
Pro Hundreds of terrific account templates
The app provides many account templates including tech giants like Google, crypto wallets like Binance, email accounts like CTemplar, game accounts like Steam, etc.
You can use these templates to save all your accounts' security information like recovery codes, security questions and answers, etc.
Pro Autofill login
2 taps to autofill your username and password on mobile apps or browsers like Chrome, Edge, and Firefox.
Every time you use autofill, you must authenticate with your biometric or master password to unlock the app. So even if you temporarily lend your phone to someone else, you don't have to worry about them abusing autofill to sign in and spy on your accounts.
Pro Apple ID security template
You can use it to save passwords, recovery codes, receipts, security questions and answers, etc.
There are also some helpful security tips about how to protect your Apple ID.
Pro OTP authenticator (2FA)
You can use the app to help enable 2FA for other platform accounts. The password, OTP, and recovery codes of an account can be saved together.
For example see this.
Pro Save attachments and notes
You can add attachments to save the photos of your ID cards, driver licenses, etc. in the app. Like other data, your notes and attachments are well protected with secure chip encryption and sandbox isolation.
Pro Save payment cards
As long as you enter the card number, ID Guard Offline app can automatically identify the card issuer, card organization and so on. It is easier than ever to store payment card information.
Pro Anti malicious fraud
When you use autofill, the app can identify fake apps, display the requested information, automatically match the filling account, etc.
These security designs can prevent malicious apps or websites from defrauding your password with hidden password boxes, forged login interfaces, etc.
Pro Biometric or master password authentication
Every time you open the app, you are required to authenticate with biometric. If you have set a master password for extra protection, you can also unlock the app by entering the correct master password.
Pro Verifiable security technologies
They shared a lot of blogs to show how to verify their security technologies like security chip encryption, true offline, autofill phishing detection, extension security design, etc.
Check out tech blogs.
Pro Find back master password
With other password managers, if you forget your master password, your can't unlock your database forever. But this app is different. It allows you to send your master password to your friends in encrypted form in case you forget it. Friends help save the encrypted master password but cannot decrypt it, let alone access your database.
Pro Excellent password generator
Its password generator allows you to fine control special characters to satisfy complex password requirements like containing certain symbols, the same characters cannot be sequential.
See here.
Pro No ads, no tracking
Neither the app nor the extension has trackers.
You need to be careful if you’re using a password manager with trackers. Because hackers may attack these trackers to steal your passwords.
See this
Pro Supports multiple platforms
The app supports iOS and Android. The extension supports Chrome, Firefox, and Edge.
The extension only can be used with the help of the app because all your data is safely stored in the app on your phone with secure chip encryption and sandbox isolation, while the extension does not keep any data.
See this
Pro Clean and intuitive UI
After unlocking the app, you will see all the stored accounts' logos and names on the main interface. Tap a tag, like Tools, you can see the accounts with that tag.
Pro Import & export
Support importing CSV files exported from Chrome/Edge/Firefox/Safari/Myki or importing them with zip encryption mode.
You can also export your data from ID Guard Offline app in CSV or JSON format with password encryption.
Pro Timeline (account history)
Automatically record the changing histories of your accounts. This feature would be very helpful if you are using some platforms that ask for the last 3 passwords when changing a new one.
Pro Add multiple tags
The app will automatically tag your stored accounts to help you manage them by categories. You can also add custom tags.
Pro Password meter
When you enter a password to save, the app will automatically detect its strength and let you know if it is a weak password.
Pro Auto-lock
To prevent someone from peeking at your passwords when you walk away temporarily, ID Guard Offline app will auto-lock if no interaction within 30 seconds.
Pro Easy to use
So easy to use some features, like 1 tap to add account, 2 taps to autofill password.
The first time you open the app, it will ask you to use biometric authentication or set a master password as the protection method to protect your data. After finishing that step, you can go into the app’s main interface and start using it. It's straightforward to use without extra setup or redundant introductions.
Pro Minimum permissions
- Access camera: Scan QR code to save or fill passwords.
- Use fingerprint hardware: Use fingerprint recognition to authenticate user (Cannot steal fingerprint data).
- Appear on top of other apps: An autofill bar will appear on top of the input box when autofill is enabled.
- Foreground service: Display the autofill bar when using accessibility service and let user know which app is displaying the floating bar.
- Google Play billing service: Unlock PRO features on Google Play. Google Play connects to the network to authorize user.
- Hide overlay windows: Hide overlay windows to prevent overlay attacks (Android 12+).
No FULL NETWORK ACCESS. TRUE offline. Minimize the attack surface and can never leak any data or be attacked via the network.
Check its permissions on Google Play
Pro Add custom logos
They pre-downloaded and packaged numerous platforms’ logos into the app. When you enter an app name to use its template to save a new account, the app will automatically show you the appropriate logo.
You can also select a picture from your system albums as your custom logo. And yet, if you are an Android user, you can pick logos from the installed apps on your phone.
See this
Pro No signup or login
Neither require sign-up and login nor collect personal information. They have no idea who you are, let alone bother you with ad tracking or promotional emails.
Cons
Con Forced cloud backup
The is no way to opt-out of saving all of passwords on LastPass servers.
Con Has been hacked before
And becomes extra bad as you are forced to have everything at one central cloud place.
Con Recently doubled annual subscription rates
This applies even if you're a re-subscribing customer.
Con Somewhat poor customer service
LastPass maintains a support forum which they mostly ignore, labeling it "mostly peer-to-peer support" leaving only their e-mail ticket system to turn to.
Con Not free/libre
This application is proprietary, and thus cannot be modified, freely distributed, or trusted to be secure.
Con History of bad support for the company behind LastPass
You never know how much you will pay for it because LogMeIn did the same with Hamachi product. Support will be bad.
Con Rates are ridiculous for one user
They cut services and increased prices after they were purchased by LogMeIn.
Con Doesn't Encrypt URL
Lastpass doesn't encrypt the links stored in the vault, which can be accessed by hackers. Encryption ONLY applies to Password and Username.
Con Very bad UX for sharing passwords with other people (in free version)
When on lastpass.com you update the contents of a password file, it gets updated only on your side, not on the side of people it is shared with (and the UI does not tell you anything about this).
Also, when you want to share a password file with someone, they often have trouble accessing it (bugs in registration or acceptation of the shared document).
Con No longer free
Least expensive plan is $2/month. Formerly, the lowest paid tier allowed sharing with family members. Now there's a family plan for $4/month.
Con Poor Email Support
Email support is slow and just offers canned responses that are not anymore helpful then their documentation.
Con Forgets to ask "add new site?" on some websites
So you are forced to add a new site manually, which takes too long (relatively speaking).
Con Clutzy configuration to have multiple URLs for one credential
LP does not have a single place to view or edit all URLs related to a given credential. It has the main one then the rest on an "equivalent URL" configuration page.
Con Cross-browser/client single login breaks all-the-time!
Spend lots of time trying to make it work and another day it's just broken again. Very frustrating.
Con During login, application loads for a very long time
Con Domain & path matching is overly complex
I want simple "this domain (along with its subdomain) should match these". There are features for that - "Equivalent Domains" & "URL Rules". But still I can't get it working for certain items, so that I have to duplicate them.
Con When generating passwords, LastPass tends to put the wrong info in forms
For forms with both an email address and username, LastPass tends to mix up and overwrite information.
Con Randomly loses custom/extra fields/passwords
Sometimes they get wiped. Don't forget to copy them into the notes section in the first place, which seems to be generally stable.
Con Can't start on mobile
Apparently you have to start with their web interface and/or browser extension. Can't just start on mobile.
Con Autofill glitchy
Hit and miss with autofill either filling or being able to submit.
Con Inconsistent categories
They get shuffled around. E.g. once a top level "_None" category was introduced by itself. Still couldn't get the hang of it.
Con Doesn't always log out when idle
This issue is especially common with the mobile app.
Con Mobile apps are not intuitive
There are large differences between iOS and Android; as well as from the base desktop and cloud interfaces. Option A doesn’t correspond to the same thing across platforms. Functions have different names on different platforms, and under different settings.
Con Closed source
Not being open source means that you have to trust them for what they say. Trusting someone with all your passwords is never a good idea.
Con Lack of desktop clients
It might seem that whole world is "mobile" now. But that's not true. A lot of people use their notebooks or even desktop computers to work from. Lack of Linux and Windows clients holds this back.
But it has an extension that supports Chrome, Firefox and Edge. You can autofill passwords on desktop browsers with the help of the app.
Here is a post to share how the extension works.
Another post to introduce the extension's security designs.
Con Chinese company
ID Guard Offline is owned by Bluespace Tech, a company based in Guangdong, China.