LastPass and KeePass are among the best password managers. Comparable in price, features, and compatibility, these services are ultimately designed for different types of users. If you are tech-savvy, looking for a free password manager, and don’t mind navigating tech talk and fumbling around a bit, KeePass is a great option.
LastPass is more intuitive and rich in plug-and-play features. It has a couple of security dings, but the company’s transparency builds trust, and it has a long-sustaining track record. I found LastPass easier to implement without any hassle.
Which password manager should you get? Let this KeePass vs. LastPass face-off help you decide.
Our bottom line: LastPass has the edge on platform compatibility, UX, form filling, and 2FA, but KeePass wins in pricing and security. The decision depends on your desire to tinker with technology since KeePass is open source and always a work in progress.
Platform compatibility: ChromeOS, Firefox, Opera, Safari, Edge, iOS, Android, Windows PC, MacOS, Linux
Security: AES 256-bit encryption, 2FA
Access on one device (free plan)
2FA with all plans
KeePass vs. LastPass: Plans and Pricing
Price winner: KeePass
KeePass: Always free, open source
LastPass: Free forever plan; $36 per year for premium; $48 per year for up to six people
KeePass is open source, meaning the code is designed to be accessed by the public. Anyone can use, view, modify, and distribute it — and this has pros and cons.
A real benefit is in pricing. KeePass is always free, unlike most best password managers that offer no-cost, basic plans or free trials. If you aren’t afraid of a do-it-yourself (DIY) project, then KeePass is a solid pick as a password manager.
It may not be one of the best password managers, but it is the most favorably priced. You can donate to reward the developer, Dominik Reichl, for keeping the software up to date. And not only is KeePass among the best cheap password managers of 2023 — it’s free.
LastPass offers a free tier, but unfortunately, it isn’t the deal it used to be, as the plan is now limited to syncing data only among computers or mobile devices. You can only use the free version on one device, though it’s for as long as you like.
I like that you get a 30-day Premium trial. But if you’re only working with the free version, you can still get a feel for how this password manager works with features like unlimited passwords, save and autofill, one-to-one sharing, and a password generator function.
Winner: KeePass wins because it is always and only free.
KeePass vs. LastPass: Platform Compatibility
Platform compatibility winner: LastPass
KeePass OS: Windows, Linux
KeePass supported browsers: Chrome, Firefox, Safari, Edge, and Opera (with plug-in)
LastPass OS: ChromeOS, iOS, Android, Windows PC, MacOS, Linux
A downside to KeePass is its limited operating system (OS) compatibility; it can only be used on Windows or Linux. As for browsers, you can use KeePass on Chrome, Firefox, Safari, Edge, and Opera (with a plug-in).
Because KeePass is an open-source project, don’t expect it to roll out additional releases for other platforms. That said, a pro is that others using KeePass have ported it to different platforms, and you can find links to download those ports on the developer’s download page. Those include Android, iOS, and macOS.
LastPass supports major OSes, beating out KeePass. LastPass is compatible with ChromeOS, iOS, Android, Windows PC, MacOS, and Linux. It also works on the major browsers most of us use. You don’t have to tinker or download a port to access LastPass on the OS of your choice like you might with KeePass.
LastPass recommends running Windows 8.1 and above, Catalina 10.15 (for macOS), Chrome OS, or one of the most common distributions of Linux. Supported browsers include Chrome, Edge, Firefox, Safari, and Opera.
There are two types of LastPass browser extensions; you can find the first in your browser’s extensions library. Brave and Vivaldi can use this Chrome extension and SeaMonkey the Firefox one. On mobile, LastPass is available for iOS 13 and up.
Full support with automatic form-filling requires Android 8.0 Oreo or later. Still, the app will run on Android 5.0 Lollipop and later.
Winner: LastPass wins for compatibility because of its range of OSes and browser platforms that suit almost everyone.
KeePass vs. LastPass: UX
UX winner: LastPass
KeePass: Not pretty but gets the job done
LastPass: A simple, minimalist browser extension that is easy to navigate
KeePass is not a sleek, modern platform — and as an open-source project, it has quirks that either motivate you to navigate and play around with it, or walk away. There’s no hand-holding with KeePass, and I would not call it intuitive.
But it does get the job done and functions well. I imported my passwords from a CSV file and referred to the helpful FAQ section whenever I encountered hiccups.
The support will not walk you through how to use KeePass like many other paid-subscription password managers. But it’s not tough to figure out. However, if you are tech-illiterate, taking extra steps to “figure it out” is probably a real deal-breaker.
On the LastPass side, the desktop app has six primary and five secondary sections, making it a bit more like the web experience. While the macOS version is fairly robust, the Windows desktop app is no longer being developed and has some significant limitations.
In my experience, the pairing of the LastPass browser extension with the web app is almost all you’ll ever need.
Importing passwords from other stand-alone and browser-based password managers is a breeze in LastPass, which supports imports from nearly 30 different platforms. Meanwhile, 1Password imports passwords directly from only a few other password managers, including LastPass and Dashlane.
Winner: LastPass wins UX for its clean design and easy-to-navigate tools.
KeePass vs. LastPass: Form Filling
Form filling winner: LastPass
Auto Type tool
macOS: Mobile browsers and apps (latest iOS version)
Android: Mobile browsers and apps
KeePass does not technically offer form filling, but you can use the Auto Type tool that works similarly. I thought it was a little tricky to set up and use. Most password managers prompt you when they detect a text field or form. This is not the case with KeePass.
But if you like the idea of modifying when keystrokes trigger a password, it allows you to customize with Auto Type and even set it up to perform functions aside from web browsing. Again, it all goes back to the desire to tinker.
If you like to tinker, KeePass is a solid choice as a free password manager. I found the lack of typical form-filling to be a pain.
LastPass’s form-filling function on mobile devices works via a Safari browser extension for iOS 8 and above and as a built-in app feature for Android 8.0 Oreo or later. LastPass offers the form-filling capabilities I expect from a password manager, including logins, addresses, and credit card information on desktop and mobile devices.
Winner: LastPass wins form-filling because of its ease of use and compatibility on a range of operating systems and browsers.
KeePass vs. LastPass: Security
Security winner: KeePass
KeePass:
Uses 256-bit AES encryption and the Twofish algorithm, in addition to 256-bit ChaCha20
Data is also encrypted and stored locally on the device or via a USB drive
Data can only be decrypted using a master key
Security-enhanced password-edit controls
Process memory protection
LastPass:
Uses 256-bit AES encryption
Passwords are monitored for weaknesses
Built-in password generator
1GB of storage
Secure password sharing
Systems and Organization Controls 2 (SOC 2) compliant
Most password managers use powerful 256-bit AES encryption, but KeePass takes it to the next level with its 256-bit ChaCha20 encryption and Twofish algorithm. Twofish is a symmetric cipher, meaning the same key encrypts and decrypts data: once the key is applied, the information becomes ciphertext that cannot be read without decrypting it with that key. It’s supposed to be safe from trial-and-error (brute-force) attacks.
KeePass was one of the first password managers to include secure edit controls to protect entered passwords against memory-dumping attacks. Passwords entered in these controls aren’t even visible in KeePass’s process memory. That said, the feature must be turned on. If you show passwords in plaintext, secure edit controls are disabled.
LastPass paying users utilize the Security Dashboard, which analyzes all your stored passwords for weaknesses and whether any have been compromised in data breaches. The provider offers dark web monitoring, and it did a nice job of identifying my weak passwords and giving helpful suggestions.
As I’d expect from a password manager, LastPass uses 256-bit AES encryption. It also implements PBKDF2 SHA-256 and salted hashes to secure cloud data. I created a strong master password that locally generates a unique encryption key. As with zero-knowledge architecture, not even LastPass knows my master password. The same is true with KeePass.
But the downside is that it experienced two recent security breaches. LastPass is transparent about the incidents, providing this security breach statement that states the company completed a thorough investigation and has not identified any threat-actor activity since October 26, 2022.
Also, LastPass invested time and effort to harden and improve overall security operations. The company shared that the threat was from third parties and did not originate in-house. While I wouldn’t discount LastPass’s secure environment because of these incidents, if we are comparing it to KeePass for security, the latter has a more rigid architecture.
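The client-side key derivation described above (PBKDF2 SHA-256 with a salt, and a master password the provider never sees) can be sketched as follows. This is an added example, not code from the article, LastPass, or KeePass; the iteration counts, the salt, the sample passwords, and all function names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumed work factor for this example; not taken from the page

def derive_vault_key(master_password, salt, iterations=ITERATIONS):
    """Client side: stretch the master password into a 256-bit key for AES."""
    return hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                               salt, iterations, dklen=32)

def derive_login_hash(vault_key, master_password):
    """Client side: one further one-way round gives the value sent at login,
    so the vault key itself never leaves the device."""
    return hashlib.pbkdf2_hmac("sha256", vault_key,
                               master_password.encode("utf-8"), 1, dklen=32)

def server_store(login_hash):
    """Server side: salt and hash the login hash again before storing it."""
    server_salt = os.urandom(16)
    stored = hashlib.pbkdf2_hmac("sha256", login_hash, server_salt, 100_000)
    return server_salt, stored

def server_verify(login_hash, record):
    """Server side: recompute and compare in constant time."""
    server_salt, stored = record
    candidate = hashlib.pbkdf2_hmac("sha256", login_hash, server_salt, 100_000)
    return hmac.compare_digest(candidate, stored)

def demo():
    salt = b"alice@example.test"                 # constructed per-account salt
    master = "correct horse battery staple"      # constructed master password
    key = derive_vault_key(master, salt)
    record = server_store(derive_login_hash(key, master))
    guess_key = derive_vault_key("guess123", salt)
    return {
        "key_bits": len(key) * 8,
        "login_ok": server_verify(derive_login_hash(key, master), record),
        "guess_ok": server_verify(derive_login_hash(guess_key, "guess123"), record),
        "key_stored_on_server": key in record,   # server holds only salt + hash
    }

if __name__ == "__main__":
    print(demo())
```

The server-side record contains only a salt and a hash of the login value, so a copy of that record alone does not yield the vault key without guessing the master password through the full derivation.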
Winner: KeePass wins security for its ChaCha20 encryption that goes above and beyond the industry standard 256-bit AES encryption.
KeePass vs. LastPass: 2FA
2FA winner: LastPass
One-time password (OTP) generator
Compatible with Authy and Microsoft Authenticator
Hardware authenticators include YubiKey and Titan key
Fingerprint sensors for premium service
Multifactor authentication (MFA)
You can add an OTP generator to sensitive accounts by enabling KeePass’s 2FA security option — this is pretty standard. I received a text or email with a confirmation code before accessing my account. It’s not intuitive to enable, but it’s an important feature I didn’t have to pay for with my always-free subscription.
LastPass’s free plan works with authenticator apps, including LastPass Authenticator, Google Authenticator, Microsoft Authenticator, Duo Security, and Transakt. Those with a LastPass premium subscription can also use hardware authenticators such as Yubico’s YubiKey, a fingerprint sensor or a smart-card reader.
Also, the platform offers an MFA feature called Grid, a chart you can print out to generate security codes manually.
Winner: LastPass wins 2FA because even the free plan works with various authenticator apps, and the process is intuitive.
Should You Get KeePass or LastPass?
Bottom line winner: LastPass
KeePass:
Open source and always free
Robust security with AES 256-bit encryption along with ChaCha20 and Twofish algorithm
Best for: If you are tech-savvy and want a free tool
LastPass:
Simple user interface (UI) with easy setup and navigation
The free version is available as long as you like
MFA included with free plan
Innovative reward system to earn 10% subscription discount by exploring LastPass features
Best for: Flexibility with no time limit on the free plan, rewards to save on cost, and ease of use
If you consider yourself tech savvy and don’t mind working your way around a platform, KeePass is a secure, totally free password manager. It is open source, meaning anyone can access the code, change it, and update it.
You might wonder if this makes KeePass secure. The company considers it a security policy against accusations of including back doors in the software. And KeePass wins in security vs. LastPass for its extra layer of encryption with ChaCha20. (Plus, LastPass has experienced some breaches.)
KeePass has been around since 2003, while LastPass started in 2008. So relatively speaking, both have longevity in the password manager market.
Even if you want a free password manager, I’d hesitate to recommend KeePass unless you are technically capable or at least interested in tinkering and learning. If you are, KeePass definitely has capabilities. But it’s not turn-key, intuitive, or easy to navigate. From a UX perspective, don’t expect a modern, sleek design.
LastPass checks all the boxes in the UX, compatibility, 2FA, and form-filling categories. Its pricing is comparable to other password managers, and the forever free plan is limited to one device with basic features only.
The most robust and cost-effective plan is premium, and its security dashboard includes dark web monitoring with paid plans, a tool other password managers do not offer. LastPass stands out because of its functionality and ease of use. While it experienced security breaches, its transparency in addressing those concerns builds trust.
How I Evaluated KeePass vs. LastPass
On the surface, all password managers essentially generate and store passwords. As I evaluated providers, I dug deeper, comparing software on what matters most, including price, platform compatibility, security, and other factors.
I signed up for a plan with each provider to test:
Plan value: Most password managers offer various subscription plans from free to around $20 per month. While free plans may be sufficient for some, those that need more functionality may prefer paid plans. We included a wide array of free and paid password managers to find the one that works best for you.
Platform compatibility: You likely access your online accounts from multiple devices, including desktops, laptops, tablets, phones, as well as through different web browsers. Your password manager should be compatible with various devices, operating systems and browsers, and sync seamlessly between them all.
UX: This is how you interface with all the features and functions of your new password manager — if it’s bad, you’ll be less likely to use the service. While this is a highly subjective category and some will disagree, it’s important to provide an overview based on my experience.
Form filling: A password manager doesn’t have to include form-filling, but it’s somewhat standard and the ease with which it performs that function can be the deciding factor in which password manager you ultimately choose.
Security: Since a password manager is first and foremost a security tool, it should come with all of the most up-to-date standard security features. This includes the highest level of available encryption (256-bit AES with PBKDF2-HMAC-SHA512); 2FA, such as biometric logins or MFA; and a password generator.
Two-factor authentication (2FA): Used all over the internet to protect your accounts, this is quickly becoming a standard security practice. 2FA is a great way to secure more sensitive accounts to ensure they’re not breached.
Kallstrom is a Cyber Team Lead for a Department of Defense (DOD) contracting company in Huntsville, Alabama, and has also worked as a computer network defense (CND) Cyber Analyst. An author and content creator for a cybersecurity academy, Kallstrom spent nearly 15 years in the Army as a musician before entering the cybersecurity field.
He holds a bachelor’s degree in music from Thomas Edison State University and a master’s in organizational development and leadership from the University of the Incarnate Word.
Kallstrom has completed several Computing Technology Industry Association (CompTIA) courses, including Security+, Network+, A+ Core 1, and A+ Core 2. He earned a CompTIA Security+ Certification. Additionally, he has completed the Cyber Warrior Academy program with more than 800 hours of hands-on, intensive, and lab-driven technical training in cybersecurity methods and procedures.
Passionate about all things cyber, Kallstrom was a speaker on a panel at the 2022 InfoSec World conference, giving a talk entitled “Hacking into a Cyber Career – True Stories.” Kallstrom is also a mentor to entry-level cybersecurity candidates seeking to break into the field. When he’s not working, he still enjoys playing guitar and fishing (not phishing).