For those looking for an easy way to manage their many passwords, two software platforms which promise to help are KeePass and LastPass.
KeePass is an open-source password manager. That makes it free, but it still helps to protect passwords in a way that is secure. Users can place every password into one database, which is then locked with a key file or one master key. That makes it possible to access every password by remembering just one password.
LastPass isn’t an open-source platform, but there is a still a free version that can be accessed. Users can choose to upgrade to a Premium plan for $2 per month if they prefer. It provides users with an option to store passwords, digital records, and other items that need to be digitally secured. This platform allows users to grant family and friends access to their account should an emergency arise.
Here are some additional points of comparison to think about and discuss in the KeePass vs LastPass debate.
1. Initial Setup
KeePass offers users a straightforward database solution. Users select their key file or master password and then begin to add entries to the database. It requires a user name, password, URL, and different groups or sub-groups to help manage the information. Icons can also be used to make organizing the database easier for most users.
The same information must be inputted into LastPass. It can be entered manually or the browser plugin can be installed to capture login credentials from specific URLs.
2. Simplicity of Use
Because KeePass is an open-source solution, you have full control over your information. There are several apps and plugins that can be utilized with this platform to help it work with a preferred operating system or browser. That is required because the platform takes several different approaches to keeping information secure.
KeePass requires one set of files that support native Windows applications. A second set of files is required for other platforms. Mac platforms require KeePassX, which doesn’t support the same files that other platforms support. All this information is then compiled into a database that users are required to maintain.
LastPass utilizes a proprietary technology to secure passwords. It offers a browser extension that makes it possible to create a unique password, which can then be securely saved on the platform’s servers. It will also retain common information used in filling out web forms to reduce time logging in or shopping online.
It is very easy to use, but places final control of the database with LastPass instead of the user.
3. Privacy and Security
KeePass is a localized solution that is stored in database form. Although it requires synching to keep the file up-to-date, the information is kept separately from the various access points someone may try to access your data. Even if someone could access your KeePass file, they would need the master key to open the database to discover your other passwords. That creates a very secure solution.
Users would be required to keep backups of their database in secure locations, preferably offline, in case something happened to the primary file.
LastPass has experienced a minimum of three data breaches since its founding. They use a cloud-based system with layered vaults for encryption, which eliminates the need to store files locally. On the other hand, their system works within the browser as an extension for most users, which makes their data a high-priority target.
Users find LastPass tends to be more convenient, but the convenience comes with a reduced level of privacy.
4. User Friendliness
KeePass is structured in a way that is familiar for most users. Although there is a steep learning curve, users who are technically savvy can find the right path to navigate. The UX works much like a traditional desktop application, with passwords held in a way that is similar to the standard file tree. It may be designed to store passwords, but it can store virtually type of data that must be secure, just like any other password protection option.
LastPass offers a web interface that virtually anyone can use. The company says that it never sees the data that is stored on its serves because the passwords and secure data received AES 256 encryption locally before the data is sent to them. It syncs to all devices quickly and easily once fully installed on all platforms. It has fewer settings, offers multi-factor authentication, and can be installed on mobile devices when purchasing the premium version.
5. Autofill Options
KeePass requires users to perform a right-click on a database entry. This will open the URL and then another right-click is required to perform an “auto type.” This inserts the credentials for a specific website. Command strings can be created for sites that require multiple logins or have specific instructions that must be followed.
LastPass maintains URL entries within their vault. It will take you to a specific URL and then enter the login credentials automatically in a one-step process. This information can include name and address information or even credit card information to speed up the online shopping process.
6. Multiple Device Use
KeePass can be used on multiple devices if a third-party platform, such as Dropbox, is used to store the database. This reduces the localized security of the database, however, making KeePass become more like LastPass. There are several different ports for Android and Apple devices, making it possible to access password or secure data from certain mobile devices.
Multiple device use is permitted on LastPass only if the premium plan is purchased. At $2 per month, the cost is minimal, but that is still more than free. Users must also authorize the browser plugin to gain the full functionality of this password management platform.
KeePass vs LastPass: Which Is Better?
In the KeePass vs LastPass debate, the final decision often involves a preference for security or a preference for convenience. Those who have the technical capability to manage KeePass usually prefer the open-source option because it allows them to maintain the security of their information locally. If they need extra data access, syncing options are available to create greater ease in data access.
LastPass doesn’t require users to maintain a local database. It does, however, expect users to use a browser extension if the full capabilities of the platform are going to be utilized. Being tied to the browser makes it more convenient for the average user to add another layer of security to their online experience without in-depth training.
Both options add security and convenience in their own way. The better option will depend on the specific needs of each user.
Have you used KeePass and LastPass? What are your impressions of both platforms?