Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
IT Technology

LastPass' Free Tier Will Become a Lot Less Useful Next Month (theverge.com) 189

LastPass is adding new restrictions to its free subscription tier starting March 16th that'll only allow users to view and manage passwords on one category of devices: mobile or computer. From a report: Mobile users will be limited to iOS and Android phones, iPads, Android tablets, and smartwatches. Computer subscribers will be able to use their passwords from Windows, macOS, and Linux desktops and laptops, the LastPass browser extension, and Windows tablets. Users on LastPass' free tier will be asked to pick between the two options the first time they log in after March 16th, and the company says they'll be able to switch between categories up to three times after they've picked. Although customers are restricted to a single category of devices on the free tier, they'll still be able view and manage passwords from an unlimited number of devices within either the mobile or computer category. LastPass says no users will be locked out of their accounts or lose access to their passwords as a result of the changes. As well as restricting its device types, LastPass is also changing the kinds of customer support free tier users will be able to access. From May 17th, free users will lose access to email support, the company announced.
This discussion has been archived. No new comments can be posted.

LastPass' Free Tier Will Become a Lot Less Useful Next Month

Comments Filter:
  • Bait and switch (Score:5, Insightful)

    by AmiMoJo ( 196126 ) on Tuesday February 16, 2021 @11:11AM (#61068820) Homepage Journal

    The classic startup tactic. Give it away for free, hope people get hooked on it and then try to charge. Even if you lose 99% of your customers maybe the remaining 1% is enough.

    • by LostOne ( 51301 )

      Of course, 99% paying nothing but incurring a cost to provide service is usually not a sustainable business model. One should always be suspicious of a service being provided for free.

      • by Merk42 ( 1906718 )
        Business model? No, you see people should write software, and support it forever, for free*!


        *and before anyone says "FOSS", a lot of that development is funded.
        • Just use KeePass (Score:5, Informative)

          by martynhare ( 7125343 ) on Tuesday February 16, 2021 @02:49PM (#61069782)
          Supports synchronisation, uses a well-documented set of open standards and the reference software has been vetted for correctness by commercial entities and governments alike. Costs nothing to run, is FOSS, works on Windows, Linux and macOS and has plenty of compatible mobile ports. It even has an offline-compatribe web-based port which will work on any modern web browser. It even has a number of decent plugins to implement TOTP/HOTP style authentication too.

          Problem sorted, LastPass can go burn.
      • Comment removed based on user account deletion
        • by SirSlud ( 67381 )

          It's not just storing your passfile. They also write the app and extensions to autofill the forms for me, which adds value. I could write those extensions/apps myself, but it would cost me more.

          This is a common tactic when people want to say something isn't worth it - just trivialize what's being provided and artificially misrepresent the costs required to supply it. If you're not using anything other than the fact that it stores an encrypted file for you, then sure, you might have a point but the 'killer a

          • Maybe you are on to something here. Perhaps Last Pass should have separated the value add features, like filling in forms and handling local authentication. They could even enable it partially, only for one week a month in a free version, with a popup reminding people it's a free taste, and an option to disable the value add completely to avoid the popup. I'm sure there would be some usability things to work out, but it's possible.

            That said, the purpose of limiting the free version is to convince people to

      • I look at free trial plans as a form of advertising.
    • by Tablizer ( 95088 )

      Assume everything on the internet is transient. If it lasts, you got lucky; if not, don't be disappointed.

      • Slashdot got lucky then. This is year what now?

        • by Tablizer ( 95088 )

          Indeed! Slashdot is an exception to the rule. A lot of services and tools I used to use are long gone or morphed into corporate crap-holes.

          Maybe in the year 2070 slashdot will still be around...and still not allow corrections nor handle Unicode correctly ;-)

    • Re: (Score:3, Interesting)

      by alexgieg ( 948359 )

      Even if you lose 99% of your customers maybe the remaining 1% is enough.

      I was a paid premium user until last month, as I had paid it for several years back when the price was still a reasonable $1/month. Since my paid subscription ended I was wondering whether remaining as a LastPass free user was good enough, or if I should go through the trouble of moving to an alternative service since LastPass definitely isn't worth $3/month. I researched a few, and they were either in the same price range or even pricier (!). Inertia was still pulling me into remaining with LastPass, so th

      • The family edition is $4/month and allows for 6 premium users. Maybe that's a way to get the price right. FWIW, for me $36 / year isn't worth more than 15 minutes of my time screwing around with a new service.
        • by chiguy ( 522222 )

          Exactly this. I'm surprised at all the tech pros who make at least $40/hr complaining about $3/month in cost for software that gets supported across multiple platforms that they don't have to support themselves. Even with KeePass, you have to set up the infrastructure and go digging for ports for each device. And you somehow trust every one of these independent developers. If you really need the added security or it's a hobby, fine. But for folks with stuff to do, fighting this battle seems unnecessary.

    • Why would you not pay for the full version of a password manager application? From a cost/value perspective, it seems really dumb to assume perpetual password management on a "free" product.

      And at this stage, if you haven't figured out the get-you-dependent-and-raise-prices business strategy of anything cloud based, maybe you ought to just turn off the internet and stay home. I'm not saying it's good, it's awful in many ways, but here we are.

      • Why would you not pay for the full version of a password manager application?

        I suppose because the service isn't worth $36/year?

      • Well as I pretty much said above, the majority has some kind of always-on connection. There's nothing from a technical standpoint keeping people from running a personal service, just like some do to get away from Gmail. I can even access my home network from my mobile so that's not left out. Problem is there's no complete solution out there (piecemeal maybe). Google print and voice both demonstrated with proper software support (built into printer and ATA) one could access a local resource from anywhere (mo

      • by Rhipf ( 525263 )

        From a cost/value perspective, it seems really dumb to assume perpetual password management.

        I think you could have just stopped your sentence there. The only real "perpetual password management" system is pen and paper and even that depends on you not losing the paper that the passwords are written on. 8^)

    • The classic startup tactic. Give it away for free, hope people get hooked on it and then try to charge. - Agreed.
      • Not as much a condemnation as some of you think. All it basically says is that some don't know the value of what they need or want. How important is security? How important is it if you have to pay for it? Shouldn't the answer be the same to both?

    • Or... an inventive way to double the size of the user / account base. Since users will be restricted to either mobile or computer systems, why wouldn't they just pick one type for their existing account and then create a second account for the other type. Just like that, LastPass goes from having (say) 1M users to 2M users. Would look good on an investor report... /cynical

    • by mysidia ( 191772 )

      The classic startup tactic. Give it away for free, hope people get hooked on it and then try to charge.

      Actually.. it sounds kind of more like going back to what they were before. When LastPass first started, they were free for use on PCs/Browsers.. the mobile app was only available to Premium Users.

      In fact... I didn't realize they had made the mobile app available to Free users. Like wait... I prepaid up about 10 years of LastPass at about a $12 a year, only to have the benefit I paid for becom

  • Alternatives (Score:5, Informative)

    by RemindMeLater ( 7146661 ) on Tuesday February 16, 2021 @11:13AM (#61068830)
    BitWarden [bitwarden.com] is an open-source option that's free for basic use. $10/year gets you OTP and 1GB encrypted storage. No affiliation.
    • +1 for Bitwarden. it works very well, and in my opinion the interface is significantly better than LastPass' (I use both, since we have LastPass Enterprise at work).

      The OTP functionality works very well too. I will say that is much easier to set up (for a given site) on mobile than on the desktop, but once initialized it works equally well for both.

    • Bitwarden is awesome. They offer a containerized version which I have spun up on an AWS instance. I wrote some bash scripts that backs the whole thing up to a Raspberry Pi Zero every night. Mobile app and browser support are great.
    • by Arethan ( 223197 )

      +1 for BitWarden - I switched from LastPass to BitWarden a bit over a year ago and have no regrets.

  • Confusing at best.. (Score:4, Interesting)

    by Arzaboa ( 2804779 ) on Tuesday February 16, 2021 @11:23AM (#61068884)

    I use Lastpass across my devices. From reading the article, it seems to say that I have to choose either mobile, or PC. I have 3 times to switch back and forth. I won't lose access to my passwords?

    If I have to choose and I only have 3 chances to get this right, what quits working?

    Seems like someone had to take the time to code some sort of app killing logic into these. I've always been a fan of Lastpass, but they have lost me on this one. It's not that hard to move one's passwords to another password manager. I don't want to get caught passwordless, with them screwing around here.

    I don't like confusion from something so important. I despise self imploding software.

    --
    If you can't convince them, confuse them. - Harry S Truman

    • If I have to choose and I only have 3 chances to get this right, what quits working?

      Presumably, once you select "Computer" your LastPass app (iPhone and Android) stops allowing you to login into your account. Or, if you select "Mobile", your LastPass addons (Chrome and Firefox) stop allowing you to login into your account. In short, as a free user you'll need to opt for either the LastPass apps, or the LastPass addons, as you won't be able to use both.

      Let's say you chose "apps" first. What you will be able to do three times is to change your choice three time: 1) apps to addons, at which p

    • Isn't it simpler to pay the $36/year or $48 for 6 users? If not, Bitwarden seems like a better option for you if "free" is critical..
  • Paper and pencil (Score:4, Insightful)

    by ZombieCatInABox ( 5665338 ) on Tuesday February 16, 2021 @11:24AM (#61068892)

    Paper and pencil. No hacker, no matter how skilled, can hack a piece of paper in your drawer.

    And if they can "social engineer" you to give them your passwords, well, all the password managers in the world will be of no help to you anyway.

  • Not unexpected (Score:4, Insightful)

    by bleh-of-the-huns ( 17740 ) on Tuesday February 16, 2021 @11:27AM (#61068908)

    I had a premium subscription for a few years but let it lapse simply because there really was no difference between the version. I knew this going in, and paid to support the application. However, while I am annoyed I will have to switch to a new setup, I cannot be mad at the company, it is a business not a non profit, and they need to make a profit. I suppose I could pay for premium again.. but under current conditions, my situation precludes doing that for now.

  • Gimmick people into paying for a sub that cost way too much for what they are providing.
    • by Pascoea ( 968200 )
      How much is it worth to you? Honest question, because my first reaction was the same as yours: "I'm not paying 3$/month for that shit."
      • Maybe $20 for a one time purchase.
      • People complain about being socially engineered but the fact it even works shows people's true natures, and that is that they want something for either little effort (lotteries, sweepstakes), or nothing (email,security).

        • by Pascoea ( 968200 )
          That is where I was torn. For the most part, I like the service. The only reason I didn't pay for it is because the basic functionality met my needs. I don't know why, $20/year seems reasonable, but $3/month just seems ridiculous. (I'm not saying that's right, that's just what my reaction was. Probably because it's on top of the other half-dozen $3-5/month subscriptions I'm already paying.) I'll likely just bite the bullet and pay them the $3/month.
          • I think the more important thing when it comes to things that cost is there's some form of competition. And with some of the free things there is.

          • That is where I was torn. For the most part, I like the service. The only reason I didn't pay for it is because the basic functionality met my needs. I don't know why, $20/year seems reasonable, but $3/month just seems ridiculous. (I'm not saying that's right, that's just what my reaction was. Probably because it's on top of the other half-dozen $3-5/month subscriptions I'm already paying.) I'll likely just bite the bullet and pay them the $3/month.

            No! Switch to bitwarden, I just did from LastPass and it was all of five minutes to move everything over. Bitwarden imported everything perfectly including secure notes and folders. the only thing it doesn’t import were attachments. Lastpass plug-ins have become buggy and awkward to use. In 5 minutes of using Bitwarden I felt stupid not to have switched sooner. Bitwarden is so much smoother and easier to use it’s like last pass used to be before they were purchased by log me in.

      • I pay $25/yr. for Schedules Direct for TV listings for MythTV. That is a bit high but there is a massive amount of data and automation involved.

        Paying $3 for 1KB of passwords to sync back and forth is a bit high. $10-15 per year is way more reasonable - but this is now owned by LogMeIn. Providing cloud infrastructure and continual mobile app updates is worth something perpetual, but the asking price is way too high.

  • by DrXym ( 126579 ) on Tuesday February 16, 2021 @11:38AM (#61068968)
    It's free, it's open source and it has desktop and mobile versions.
    • No real reason, other than to provide another free open source and highly plugin-extensible alternative to Password Safe.

      They do the same thing, but differ slightly in operation and interface.

  • I've been paying $2/month. Looks like its now $3month. Pretty affordable. The 'generate secure password' feature is so nice. I don't even know what my passwords are anymore, they are all different. Go ahead an xkcd me, hit me with that big wrench, I still can't tell you my password because I don't know it.

  • So I guess I am just gonna pay. I have a zillion passwords there and I need both mobile app and Windows browser access every day.

    • I'm pretty sure there's a simple way to export from LastPass and import into Bitwarden (or some other password manager).

    • by Ksevio ( 865461 )

      Export to csv is pretty easy, just a couple clicks (and reauthentication of course). Then you can import into another password manager just the same

  • by demon driver ( 1046738 ) on Tuesday February 16, 2021 @11:47AM (#61069048) Journal

    I used to be a LastPass user for quite some time, after it had come across as having a good reputation. I do remember several issues, though, which came up over time, an earlier one being a security breach. I stayed a customer, since I'm lazy and as I also was using their excellent XMarks bookmark sync service – which has long since been discontinued now. Much later, once it happened that their service wasn't reachable at a time when I really would have needed it. That made the decision for me – self-hosting another password keeping service. I might have chosen something based on KeyPass which I had been using ages ago when 'cloud' was not even a word, but I finally decided to self-host a Bitwarden instance and since then I'm happy. LastPass-Bitwarden export-import was easy enough. The only little thing I'm missing is an ability to automatically fill HTTP basic authentication dialogs in the browser.

  • by fred6666 ( 4718031 ) on Tuesday February 16, 2021 @11:50AM (#61069078)

    Why would I trust this company to store my passwords?
    Why isn't the free, in-browser password saving feature good enough?

    • - Your browser's password manager likely doesn't support OTP (two-factor auth).
      - Your browser's password manager likely doesn't support secure notes.

      One of the reasons I moved to Bitwarden - after using Apple's built-in Keychain for probably a decade - was Apple's half-assed approach to the Keychain on iOS. I use secure notes *a lot* - and, while Apple has offered that functionality forever, they *still* don't let you view secure notes on mobile devices.

      With Bitwarden, LastPass, and others, you can see your

      • - Your browser's password manager likely doesn't support OTP (two-factor auth).

        My company's forces me to use that "SafeNet MobilePASS" application to generate a code used for two-factor auth to connect to the VPN.
        How does LastPass help me?

        Anyway if the browser supported that, wouldn't it make it a single-factor auth since both the password and OTP would be stored at the same place?

        - Your browser's password manager likely doesn't support secure notes.

        What is is, and what am I missing by not using it?

        With Bitwarden, LastPass, and others, you can see your secure notes anywhere. Even better, you can attach a secure note directly to a password item - so, for example, your failsafe two-factor codes can be directly attached to your saved password (as can the associated two-factor token).

        So, if someones breaks into that, not only he gets your password but your secure codes as well? What could possibly go wrong?

    • by Ksevio ( 865461 )

      Some people use more than one device and multiple computers

    • by Pascoea ( 968200 )

      You say that like Google/Microsoft/Mozilla are for some reason more trustworthy?

      Other reasons why a password manager is better: Store non-website passwords. Can hold more than just passwords. Works with (most) mobile apps. Grouping/Categorizing/Searching is better. Sync across all devices. Sync across all browsers. Sharing credentials (like service accounts). I'm sure there's more.

      • You say that like Google/Microsoft/Mozilla are for some reason more trustworthy?

        Well I think they are, yes. If you don't trust them, I hope you are not visiting any HTTPS web site.

        Other reasons why a password manager is better: Store non-website passwords. Can hold more than just passwords. Works with (most) mobile apps.

        I don't see why I would want to store more than just passwords, can you elaborate on that?
        Also Google seems to be able to save passwords in mobile apps as well. Those properly designed, anyways.

        Grouping/Categorizing/Searching is better.

        I have no problem searching in my browser. But the best thing is that you don't need it often. You just go to the web site.

        Sync across all devices.

        Same for in-browser password save feature.

        Sync across all browsers.

        So you have to install an extension in every browser?

        • by Pascoea ( 968200 )
          I can't tell if you are honestly looking for answers or just being difficult. Several others have outlined similar benefits, and have provided others. If you don't need those features, or can't understand why they are beneficial, by all means don't use it. I started using it about a year ago, and likely won't be "falling back" to what Chrome offers because I like the features of a password manager that Google just doesn't provide.
          • I'm honestly asking questions here, with an open mind. When I ask "what's the advantage" and someone (two people, actually) replies "it syncs across devices", well they obviously don't know what they are talking about because the browsers already does that.

            • by Pascoea ( 968200 )

              Yes, you're right, browsers sync across devices, assuming you're willing to stay signed in on Chrome. I don't use FF or Edge's built in password systems, so I don't know if/how they sync across devices.

              You say that "properly designed apps" will use the passwords synced to Chrome/Android. Tell that to US bank. My personal experience is that there are a lot of "not properly designed apps".

              Non-website-stuff I have in LastPass: My RDP passwords for work, my wife/kid's SS#, insurance policy numbers, drivers

              • You say that "properly designed apps" will use the passwords synced to Chrome/Android. Tell that to US bank. My personal experience is that there are a lot of "not properly designed apps".

                Do these "not properly designed apps" work with LastPass? Is it automatic or you need to open LastPass everytime and enter the password manually (or at least copy)?
                Because opening LastPass or my browser's saved passwords screen sounds similar to me.

                Non-website-stuff I have in LastPass: My RDP passwords for work,

                Does LastPass integrates with the RDP client? Or again you are just opening LastPass to check the password and enter it manually? And do you need to enter your LastPass password everytime so you can check what is your RDP password?

                my wife/kid's SS#, insurance policy numbers, drivers license numbers. Stuff that I don't need/use enough to memorize but I occasionally need when I'm not sitting at home.

                Well I guess you could just save

  • by King_TJ ( 85913 ) on Tuesday February 16, 2021 @11:55AM (#61069100) Journal

    I was a long time user of this product, but I'm just not going to pay for yet ANOTHER subscription to continue using it. Not when there are so many other alternatives out there that don't require one.

    I get the pricing model of charging for premium functionality. But the definition of premium should be features a single, typical user doesn't require. I can see paying for something like a whole family subscription, or for business/commercial use.

    I already run my own NextCloud server on a FreeNAS so the comment about KeePassium supporting NextCloud really interests me. I think I'll play with that tonight.

  • I know it doesn't sound like a lot, but I've already got too many software or content subscriptions to tack on another $3 per month.

    I can't recall what features the "Premium" version used to offer, but I remember looking and not thinking I'd want them.

    If they charged $0.25 to $0.50 per month for what the free version USED to offer then sure I'd be fine with that, but as it is I'll be looking for an alternative.

  • I switched to KeePassXC from 1Password about a year ago.

    It has its annoyances and imperfections, but it's free, open source, locally synced (no cloud) and runs fine on Linux, iOS, and the Firefox plugin is steady (although sometimes awkward).

  • by OneHundredAndTen ( 1523865 ) on Tuesday February 16, 2021 @12:43PM (#61069304)

    Not only are your keys stored in the cloud, under the control of some third party who may, or may not, have access to your keys but, in addition, you have to pay for the privilege.

    A combination of KeePassXC and Syncthing allows me to do exactly the same thing, with no third parties involved and nothing to pay to anyone. F**k you LastPass.

    • by Ksevio ( 865461 )

      I do - or at least I did until this update. First of all, it was free, so that's handy. Second of all it's convenient - I don't have to pay for hosting or host and securing my own server to replicate what a third party is already doing better.

      With this change, I'm not planning on setting up a server, I'm just going to find a different 3rd party service

  • Bitwarden is similar to LastPass but it's open source, cheaper for hosted plans, and doesn't send your metadata to the server in the clear* like LastPass does.

    There's even a Rust implementation of the Bitwarden server.

    *transport is secure but LP isn't E2E for metadata

  • Plenty of other options out there. So last pass can f$%^ right off.

  • Like WhatsApp -> Signal debacle, LastPass is promising to push its free customers to another application next month.

    I only stayed so far due to inertia. They used to have a $10/year plan before being bought out by LogMeIn. First they hiked the price, so I went for free tier. Now they kill the free, I will go somewhere else.

  • I've used lastpass for a few years on the free tier. It's made managing my accounts and credentials much easier. It's been a very valuable service for me, and I don't have a problem with paying $30-40 a year or whatever for that service.

  • They were bought by Logmein. What were we all expecting?
    We use bitwarden at work now, so I’ll be porting out private LastPass over.

  • nothing says you can't have two accounts, one for android and one for pc.

Time is the most valuable thing a man can spend. -- Theophrastus

Working...