Is LastPass safe?
Review LastPass security risks.

Nudge Security provides security profiles for thousands of SaaS apps, including LastPass. This public profile has the basics you’ll need for a vendor risk assessment. For more details on LastPass, including breach history, start a free trial of Nudge Security.
Try it free
Explore demos
Try it free
Explore demo
Security ProfilesSecurityLastPass
LastPass Security Profile

CATEGORY

Security

Organization Details

What is

LastPass

?

LastPass is a password manager that helps users create strong passwords and store them in a secure vault. It also has features that allow users to sign in to websites and apps with just one click, and it has adaptive MFA solutions that integrate with over 1,200 apps.

HEADQUARTERS

HOSTING

HOSTING LOCATION

Who's Using LastPass in your org?

Nudge Security discovers every user for every SaaS app within minutes of starting a free trial.

Learn more

Security Program

SECURITY CERTIFICATIONS

SOC2 Compliance
PCI Compliant
HIPAA Compliant
SOC2 Compliance
SOC 2 Compliant
GDPR Compliant
ISO 27001 Compliant
FedRamp Compliant
CSA Star Level 1
Compliant

SECURITY PAGE

https://lastpass.com/security/zero-knowledge-security

SECURITY PORTAL

BUG BOUNTY

VULNERABILITY DISCLOSURE

TERMS OF SERVICE

https://lastpass.com/legal-center/terms-of-service/business

SUBDOMAINS

  • oktapreview.lastpass.com
  • lp-push-server-878.lastpass.com
  • 167.38.lastpass.com
  • account.lastpass.com
  • jira.lastpass.com
  • ideas.lastpass.com
  • w.w.w.lastpass.com
  • lp-cdn.lastpass.com
  • cdn.lastpass.com
  • lnk.lastpass.com
  • developer.lastpass.com
  • swag.lastpass.com
  • jp.lastpass.com
  • 0.lastpass.com
  • id.lastpass.com
  • about.lastpass.com
  • us.lastpass.com
  • supportstage.lastpass.com
  • do-11.lastpass.com
  • em.lastpass.com
  • my.lastpass.com
  • sg.lastpass.com
  • forums.lastpass.com
  • intranet.lastpass.com
  • dashboard.lastpass.com
  • apply.lastpass.com
  • auth.lastpass.com
  • groove.lastpass.com
  • a.lastpass.com
  • live.lastpass.com
  • lp-push-server-971.lastpass.com
  • lp-push-server-843.lastpass.com
  • fr.lastpass.com
  • checkout.lastpass.com
  • meetings.lastpass.com
  • track.lastpass.com
  • test.lastpass.com
  • email.mg.lastpass.com
  • idm.lastpass.com
  • www3.lastpass.com
  • files.lastpass.com
  • vault.lastpass.com
  • services.lastpass.com
  • partners.lastpass.com
  • preview.lastpass.com
  • static.lastpass.com
  • rodan-internal.lastpass.com
  • mobile.lastpass.com
  • business.lastpass.com
  • contact.lastpass.com
  • lp-push-server-678.lastpass.com
  • survey.lastpass.com
  • helpdesk.lastpass.com
  • blog.lastpass.com
  • status.lastpass.com
  • image.lastpass.com
  • preferences.lastpass.com
  • search.lastpass.com
  • training.lastpass.com
  • refer.lastpass.com
  • home.lastpass.com
  • portable.lastpass.com
  • sales.lastpass.com
  • lp-push-server-824.lastpass.com
  • e.lastpass.com
  • cn.lastpass.com
  • siem-integrator.cloud.lastpass.com
  • rodan.lastpass.com
  • salesloft.lastpass.com
  • drata.lastpass.com
  • gateway.lastpass.com
  • kb.lastpass.com
  • experience.lastpass.com
  • content.product.lastpass.com
  • payment.lastpass.com
  • mail.lastpass.com
  • team.lastpass.com
  • share.lastpass.com
  • jobs.lastpass.com
  • content.lastpass.com
  • signin.lastpass.com
  • changelog.lastpass.com
  • lp.lastpass.com
  • community-stage.lastpass.com
  • app.lastpass.com
  • labs.lastpass.com
  • connect.lastpass.com
  • 167.37.lastpass.com
  • forms.lastpass.com
  • assets-cdn.lastpass.com
  • s.lastpass.com
  • 1min-api-prod.service.lastpass.com
  • integrations.lastpass.com
  • ru.lastpass.com
  • de.lastpass.com
  • stage.lastpass.com
  • lp-push-server-968.lastpass.com
  • pl.lastpass.com
  • backoffice.lastpass.com
  • lyncdiscover.lastpass.com
  • affiliates.lastpass.com
LastPass breach history
Has LastPass experienced a recent breach? Start a free trial of Nudge Security for a full breach history and other security program details.
Try Nudge free

Authentication

AUTHENTICATION / SSO

Supported Okta Features
  • SWA
  • Create
  • Update
  • Deactivate
  • Group Push
  • Group Linking
Login with Google support
Login with Microsoft support
Supports SSO
Two-factor authentication via SMS
Two-factor authentication via E-mail
Two-factor authentication via Hardware
Two-factor authentication via Software
Two-factor authentication via TOTP
Two-factor authentication via U2F

oauth details

LastPass OAuth Grants
Is LastPass connected to your other business apps? Start a free trial of Nudge Security to see all app-to-app OAuth grants.
Get started

Supply Chain

Apps in LastPass's supply chain
  • Akamai
  • Outreach.io
  • Pendo
  • PathFactory
  • Brightspot
  • Amazon Web Services (AWS)
  • Wiz
  • Adobe
  • Skilljar
  • Marketo
  • WP Engine
  • Microsoft Azure
  • Statuspage
  • ClickMeter
  • Proofpoint
  • Salesforce.com
  • Mailchimp
  • Atlassian
  • DocuSign
  • Miro
  • Google Analytics
  • Duo Security
  • GlobalSign
  • Apple Business Manager
LastPass supply chain breach history
Has LastPass experienced a recent supply chain breach? Start a free trial of Nudge Security for a full breach history and other security program details.
Start your trial

Regain control of SaaS security.

Nudge Security discovers all SaaS accounts ever created by anyone in your org within minutes of starting a free trial. Get a full SaaS inventory today, along with insights and automation to improve your SaaS security posture.

Try it free
Explore demos
Try it free
Explore demos

Let’s stay in touch.

Sign up for product updates, resources, and news. We promise we'll never send you spam. Or boring emails. Ever.
Product
Resources
Company
Assurance

Use Cases

SaaS Security
SSPMAudit & ComplianceSaaS Attack SurfaceAccount Takeover Detection
SaaS Management
Shadow ITSaaS SpendCloud GovernanceAI Security
Third-Party Risk Management
Supply Chain SecurityOAuth Risk Management
Identity Governance
User Access ReviewsEmployee OffboardingSSO Onboarding
© {year}, Nudge Security