You need a password for every website you sign in to. For many of us, that’s hundreds! How do you manage them? Do you reuse the same password, keep a list somewhere, or regularly click on the reset password link? There’s a better way. Password managers will keep track of them for you, and LastPass and KeePass are two popular, but very different choices. How do they compare?
LastPass is a popular password manager that’s easy to use and offers a workable free plan. Paid subscriptions add features, priority tech support, and extra storage. It’s primarily a web-based service, and apps are offered for Mac, iOS, and Android. Read our detailed review.
KeePass is a geekier open-source alternative that stores your passwords on your computer rather than in the cloud. The software is quite technical and may suit advanced users. A Windows version is available officially, and there are quite a number of unofficial ports to other operating systems. A range of plugins has been developed that increase the functionality of the app.
How They Compare
1. Supported Platforms
You need a password manager that works on every platform you use. LastPass fits the bill, and works with all major operating systems and web browsers:
- Desktop: Windows, Mac, Linux, Chrome OS,
- Mobile: iOS, Android, Windows Phone, watchOS,
- Browsers: Chrome, Firefox, Internet Explorer, Safari, Edge, Maxthon, Opera.
KeePass is different. The official version is a Windows app, and because it’s open-source, various individuals have been able to port it to other operating systems. Not all of these ports are of the same quality, and there are multiple options for each operating system, including:
- 5 for Mac,
- 1 for Chromebook,
- 9 for iOS,
- 3 for Android,
- 3 for Windows Phone,
- 3 for Blackberry,
- 1 for Pocket PC,
- and more!
Those options can be confusing! There’s no easy way to know which version is best for you other than trying a few. When evaluating the app on my iMac, I used KeePassXC.
If you use KeePass on multiple devices, your passwords won’t be synced between them automatically. They’re stored in a single file, and you’ll have to sync that file using Dropbox or a similar service.
Winner: LastPass supports most popular platforms out of the box, while KeePass relies on ports by third parties.
2. Filling In Passwords
LastPass allows you to add passwords in a number of ways: by adding them manually, by watching you log in and learning your passwords one-by-one, or by importing them from a web browser or other password manager.
KeePass won’t learn your passwords as you type them, but it does allow you to add them manually or import them from a CSV (“comma-separated values”) file, a format most password managers can export to. Some reviewers mentioned that the app can directly import from a number of other password managers, but the version I’m using doesn’t. KeePass can’t learn your passwords by watching you log in to websites.
Once you have some passwords in the vault, LastPass will automatically fill in your username and password when you reach a login page.
Once I found the right Chrome extension (in my case it’s KeePassXC-Browser), KeePass offered the same convenience. Prior to that, I found initiating a login directly from the app trickier and less convenient than other password managers.
LastPass has an advantage: it lets you customize your logins site-by-site. For example, I don’t want it to be too easy to log in to my bank, and prefer to have to type a password before I’m logged in.
Winner: LastPass. It lets you customize each login individually, allowing you to require that your master password be typed before logging into a site.
3. Generating New Passwords
Your passwords should be strong—fairly long and not a dictionary word—so they are hard to break. And they should be unique so that if your password for one site is compromised, your other sites won’t be vulnerable. Both apps make this easy.
LastPass can generate strong, unique passwords whenever you create a new login. You can customize the length of each password, and the type of characters that are included, and you can specify that the password is easy to say or easy to read, to make the password easier to remember or type when necessary.
KeePass will also generate passwords automatically and offers similar customization options. But you need to do this from the app rather than your browser.
Winner: Tie. Both services will generate a strong, unique, configurable password whenever you need one.
Storing your passwords in the cloud may concern you. Isn’t it like putting all your eggs in one basket? If your account was hacked they’d get access to all your other accounts. LastPass takes steps to ensure that if someone does discover your username and password, they still won’t be able to log into your account.
You log in with a master password, and you should choose a strong one. For additional security, the app uses two-factor authentication (2FA). When you try to log in on an unfamiliar device, you’ll receive a unique code by email so you can confirm that it’s really you logging in. Premium subscribers get additional 2FA options. This level of security is sufficient for most users—even when LastPass was breached, the hackers were not able to retrieve anything from users’ password vaults.
KeePass bypasses the concern of storing your passwords online by storing them locally, on your own computer or network. If you decide to use a syncing service like Dropbox to make them available on your other devices, choose one that uses security practices and policies you’re comfortable with.
Like LastPass, KeePass encrypts your vault. You can unlock it using either a master password, key file, or both.
Winner: Tie. LastPass takes strong security precautions to protect your data on the cloud. KeePass keeps your passwords securely encrypted on your own computer. If you need to synchronize them onto other devices, any security concerns now move to the syncing service you choose.
5. Password Sharing
Instead of sharing passwords on a scrap of paper or a text message, do it securely using a password manager. The other person will need to use the same one as you do, but their passwords will be automatically updated automatically if you change them, and you’ll be able to share the login without them actually knowing the password.
All LastPass plans allow you to share passwords, including the free one. The Sharing Center shows you at a glance which passwords you’ve shared with others, and which they’ve shared with you.
If you’re paying for LastPass, you can share entire folders and manage who has access. You could have a Family folder to which you invite family members and folders for each team you share passwords with. Then, to share a password, you’d just add it to the right folder.
KeePass takes an entirely different approach. It’s a multi-user application, so if you store your vault on a shared network drive or file server, others can access the same database using your master password or key file.
This isn’t as finely grained as with LastPass—you choose to share everything or nothing. You could create different password databases for different purposes, and only share your password for certain ones, but this is far less convenient than LastPass’s approach.
Winner: LastPass. It allows you to share passwords and (if you pay) folders of passwords with others.
6. Web Form Filling
Besides filling in passwords, LastPass can automatically fill in web forms, including payments. Its Addresses section stores your personal information that will be filled in automatically when making purchases and creating new accounts—even when using the free plan.
The same goes for the Payment Cards and Bank Accounts sections.
When you need to fill in a form, LastPass offers to do it for you.
KeePass can’t fill in forms by default, but third-parties have created plugins that can. A quick search on the KeePass Plugins and Extensions page finds at least three solutions: KeeForm, KeePasser, and WebAutoType. I haven’t tried them, but from what I can tell, they don’t seem to do the job as conveniently as LastPass.
Winner: LastPass. It can fill in web forms natively and seems more convenient than KeePass’s form-filling plugins.
7. Private Documents and Information
Since password managers provide a secure place in the cloud for your passwords, why not store other personal and sensitive information there as well? LastPass offers a Notes section where you can store your private information. Think of it as a digital notebook that’s password-protected where you can store sensitive information such as social security numbers, passport numbers, and the combination to your safe or alarm.
You can attach files to these notes (as well as addresses, payment cards, and bank accounts, but not passwords). Free users are allocated 50 MB for file attachments, and Premium users have 1 GB. To upload attachments using a web browser you will have had to have installed the “binary enabled” LastPass Universal Installer for your operating system.
Finally, there’s a wide range of other personal data types that can be added to LastPass, such as driver’s licenses, passports, social security numbers, database and server logins, and software licenses.
While KeePass doesn’t have a separate section for your reference material, you can add notes to any password. I suppose you could add an entry just to record notes, but this doesn’t compare with LastPass’s rich feature set.
Winner: LastPass. It allows you to store secure notes, a wide range of data types, and files.
8. Security Audit
From time to time, a web service that you use will be hacked, and your password compromised. That’s a great time to change your password! But how do you know when that happens? It’s hard to keep track of so many logins, but many password managers will let you know, and LastPass’ Security Challenge feature is a good example.
- It will go through all of your passwords looking for security concerns including:
- compromised passwords,
- weak passwords,
- reused passwords, and
- old passwords.
LastPass will even offer to automatically change the passwords of some sites for you, which is incredibly handy, and even available to those using the free plan.
KeePass doesn’t have anything comparable. The best I could find is a Password Quality Estimation plugin that adds a column to rank your password strength, helping you identify weak passwords.
Winner: LastPass. It warns you of password-related security concerns, including when a site you use has been breached and also offers to change passwords automatically, though not all sites are supported.
9. Pricing & Value
Most password managers have subscriptions that cost $35-40/month. These two apps go against the grain by allowing you to manage your passwords for free.
KeePass is completely free, with no strings attached. LastPass offers a very usable free plan—one that allows you to sync an unlimited number of passwords to an unlimited number of devices, as well as most of the features you’ll need. It also offers additional plans that require you to pay a subscription:
- Premium: $36/year,
- Families (6 family members included): $48/year,
- Team: $48/user/year,
- Business: up to $96/user/year.
Winner: Tie. KeePass is completely free, and LastPass offers an excellent free plan.
The Final Verdict
Today, everyone needs a password manager. We deal with too many passwords to keep them all in our heads, and typing them manually is no fun, especially when they’re long and complex. Both LastPass and KeePass are excellent applications with loyal followings.
Unless you’re a geek, I strongly recommend you choose LastPass over KeePass. I’m familiar with open source software—I used Linux as my only operating system for almost a decade (and loved it)—so I understand that there’s a certain satisfaction that comes from solving technical puzzles to get an app to behave the way you want. But most people don’t feel that way.
LastPass is much more usable and much more capable. It will make your passwords available on all of your devices without needing to resort to a third-party solution. It will also let you share your passwords with others, manage sensitive documents and information, and offers full-featured password auditing and offers to change your passwords automatically.
KeePass has a place for technical users who are willing to put in the effort to get it working the way they want. Some users will appreciate that your data is stored securely on your own computer rather than the cloud, others will love how customizable and extensible it is, and many will appreciate that it’s open source.
Which one is right for you? I think that for most of you the decision is pretty cut and dry. But if you’re having trouble deciding, I recommend you carefully evaluate each app to see for yourself which best meets your needs.