Sustainable Substitutes for LastPass

A password management service with a long history of security breaches.

Reasons to avoid LastPass

Avoid LastPass due to data breaches and privacy concerns. Its lack of transparency in security practices undermines trust. LastPass is heavily reliant on Big Tech infrastructure. Use open-source, independent password managers like Bitwarden or Passbolt.

Ethical and Sustainable LastPass Alternatives

Copied!
  • Feasibility: How easily can the average user switch to this substitute? Higher feasibility results in a higher ranking.
  • Editor's Rating: How sustainable is the substitute? The more sustainability attributes it fulfils, the higher it is ranked.
keepassxc logo

KeePassXC

A modern, secure open-source password manager focusing on offline storage.

KeePassXC is completely free to use, with no subscription or hidden costs.
KeePassXC does not include any third-party trackers or analytics, ensuring user privacy.
KeePassXC works entirely offline, ensuring no dependency on cloud services and full user control over data.
KeePassXC is fully open-source, allowing for transparency, community scrutiny and customization.
KeePassXC is self-hostable, giving users full control over their data.
KeePassXC is ad-free, ensuring a cleaner and more private user experience.
Website

Bitwarden

An open-source password manager focusing on security, privacy, and self-hosting.

Bitwarden is fully open-source, allowing for transparency, community scrutiny and self-hosting.
Bitwarden works offline in read-only mode. Editing entries only works online.
Bitwarden offers a free plan with all essential features, making it accessible for individuals and small teams.
Bitwarden can be self-hosted on your own infrastructure, giving full control over data and enhancing privacy.
Bitwarden does not include third-party trackers, ensuring user privacy.
Bitwarden is ad-free, ensuring a cleaner and more private user experience.
Website

Passbolt

A European secure, open-source password manager for teams.

Passbolt is fully open-source, allowing for transparency, community scrutiny and self-hosting.
Passbolt is based in Luxembourg and offers European cloud hosting, ensuring compliance with GDPR and strong privacy laws.
Passbolt does not include any trackers or third-party analytics, ensuring user privacy.
Passbolt can be self-hosted on your own infrastructure, giving full control over data and enhancing privacy.
Passbolt offers a free Community Edition for individuals and small teams, with paid plans for larger organizations.
Passbolt is ad-free, ensuring a cleaner and more private user experience.
Website

The 3 main issues with LastPass

Privacy Concerns - User data is likely to be stored and used against users' best interest.

LastPass has faced significant data breaches and privacy concerns.Source: Millions stolen from LastPass users in massive attack

Lack of Transparency - Opacity in operations, data handling, or supply chains, making it difficult for users to understand practices.

LastPass lacks transparency in its security and data handling practices.Source: Techspot: Federal agents confirm LastPass breach linked to massive cryptocurrency heistsWired: Yes, It’s Time to Ditch LastPass (2025)

Reliance on Big Tech - Services relying on Big Tech for their infrastructure.

LastPass is built on AWS and is available on the AWS Marketplace. LastPass: LastPass Announces Its Availability in AWS Marketplace (2024)

Suggestions and Feedback

If you have suggestions for more alternatives or general feedback, please contact me via email or create an issue over on Codeberg. Suggest Substitute on Codeberg Write an Email