Log in through the extension

LastPass is best experienced through your browser extension. Install LastPass for Firefox to automatically login to sites as you browse the web.

Install LastPass Close

Trusted. Secure. Reliable.

Safeguarding your data is what we do, with proactive security and reliability as cornerstones of our mission.

A foundation of security

Security is our mission at LastPass. At every step, we've designed LastPass to protect what you store, so you can trust it with your sensitive data.

soc-2-Type-2-compliance-icons-svg

SOC 2 & ISO 27001 Compliance

This detailed review of our controls and processes is a “gold standard” for confirming the security and reliability of LastPass.

regular-audits-pen-tests-icons-svg

Regular audits & pen tests

We engage trusted, world-class, third-party security firms to conduct routine audits and testing of the LastPass service and infrastructure.

strong-data-encryption-icons-blue-right-svg

Strong data encryption

Sensitive data is encrypted at the device level with AES-256 before syncing with TLS to protect from on-path attackers.

bug-bounty-program-icons-blue-left-svg

Bug bounty program

Our bug bounty program incentivizes responsible disclosure and improvements to our service from top security researchers.

reliable-service-icons-yellow-left-svg

Reliable Service

LastPass operates out of multiple, geo-distributed facilities that can handle all customer traffic for redundancy.

transparent-incident-response-icons-icons-green-svg

Transparent incident response

Our team reacts swiftly to reports of bugs or vulnerabilities and communicates transparently with our community.

Secure product architecture

LastPass is designed to keep sensitive data safe using a local-only, zero knowledge security model.

Private Master Password

Zero knowledge means that no one has access to your master password or the data stored in your vault, except you. Not even LastPass.

End-point encryption

Encryption happens exclusively at the device level before syncing to LastPass for safe storage, so only users can decrypt their data.

256-bit AES encryption

This is the industry standard encryption method – its the same encryption type utilized by banks and the military.

PBKDF2-SHA256 for brute-force attacks

We strengthen the encryption key against large-scale, brute-force attacks by slowing down guesses.

Privacy by design

Biometric data is encrypted at the device level and never leaves the user’s device, protecting biometric data from server-side attacks.

Powerful security features

Businesses can take password security into their own hands with LastPass.

Multi-factor authentication

Add extra security to company date by leveraging LastPass MFA’s biometric and contextual intelligence, without adding more complexity.

Protect every access point

With coverage over cloud, mobile, and legacy apps through single sign-on and password management, LastPass Business secures every access point.

All-in-one identity solution

Visibility from single sign-on to password management to adaptive authentication, without the hassle of managing multiple solutions.

Centralized IT control

The admin dashboard gives controls over user access, authentication, and password behavior with over 100 configurable policies to and improve security.

img_icon_illustrative_security-shield-svg

Trust Center

Your single source for the latest security, privacy, compliance, and system performance information.

Go to Trust Center
img_icon_illustrative_resources-svg

Product Resources

Consult the documentation on product-specific technical, organizational, and compliance measures.

View Resources
img_icon_illustrative_faq-svg

Trust Center, Privacy & Security FAQ

Visit our FAQ page to find answers to your product compliance-related questions.

Go to FAQs

Get started with LastPass

LastPass makes it easy to improve employee password habits and endpoint security. See for yourself with a free 14-day trial. No credit card required.