In case you missed the news, LastPass, a popular cross-platform password manager, announced that it would be adding new restrictions to its free subscription tier starting next month. As many have pointed out on Twitter, the changes make LastPass' free version a lot less useful. You'll only be able to view and manage passwords on one type of device, either a mobile or desktop computer, but will have to pay to use both.
As with everything in technology these days, Microsoft has a great alternative to LastPass, known as Microsoft Authenticator. Best of all, Authenticator requires no subscription fee, and it can be paired with the new Microsoft Edge with a Microsoft Account to help keep your passwords secure, for no added fees. We'll be looking at both of these today.
Authenticator and Edge Vs LastPass
I want to start this piece by making a note of what Edge and Authenticator can do, and what LastPass can't, and vice versa. It's important to note that LastPass is designed for different web browsers. It works in all the major web browsers as an extension, and as an app that will let you see saved passwords on iOS and Android. You don't need to "switch" your web browser to use it.
Obviously, with Edge, your stored passwords from the web are locked into being stored Edge itself, unless you export as a CSV file that you can import into other web browsers (there's a Chrome extension, though.) There's a way around this, as you can just switch to using Edge on all your devices (since Edge is multi-platform.) Additionally, if you pair Edge with Authenticator, you can see your passwords directly in the Authenticator app on iOS and Android.
Importantly, Edge and Authenticator depend on a Microsoft Account for syncing so you'll need a Microsoft Account to sync between devices. That is unlike LastPass which works with a master LastPass password. If you're not locked into the world of Microsoft, this might be an issue for you.
Finally, LastPass has a feature that lets you keep Digital Records such as passports, driver's licenses, WiFi Passwords, etc. Edge and Authenticator do not have this, but Microsoft Teams for personal use does. We spoke about this previously, but it's an entirely different app.
Then, there's encryption and Two Factor Authentication. LastPass says it uses AES-256 bit encryption with PBKDF2 SHA-256 and salted hashes to ensure complete security in the cloud. Multifactor authentication in LastPass also adds extra security to your LastPass account by requiring a second login step before authorizing access to your vault.
Microsoft also uses encryption, too, which they talk about here. As for 2-factor authentication in Microsoft, you can set this up via your Microsoft Account and Authenticator, so that your passwords don't end up in the wrong hands. All passwords for a Microsoft Account in Edge won't show unless you know the device or Microsoft Account password for which Edge is running on, usually secured via Windows Hello or a PIN.
Before getting into Authenticator, I'll touch on Microsoft Edge first. One of the features of LastPass that many people enjoy is the ability to store your passwords, monitor them for leaks, generate passwords, and view passwords across platforms. LastPass also has a feature where you can create a profile for a credit card, without having to type it every time. This all can be accessed on either desktop or mobile phone.
Well, with Microsoft Edge, you can enjoy most of those features, too (scroll down for a section that compares the two.) Of course, there is a Chrome extension known as Microsoft Autofill which will pull your saved passwords in Chrome to a Microsoft Account and automatically fill them on all your devices with Chrome installed, but Edge users can enjoy the experience in the web browser directly.
Indeed, in Edge, you can manage your stored passwords for any website manually by going to the Settings menu and clicking Passwords. Currently, in the Dev and Canary branches of Edge, you'll see a lot of familiar features to LastPass in this menu.
There's a toggle switch for Edge to generate and suggest stronger passwords for you and fill them in automatically (which is in the Stable channel, too.) There's also a toggle switch to allow Edge to check a known repository of exposed credentials and alert you if it's found in there --- essentially like LastPass's Audit tool (but only in Edge Canary and Dev for now.)
In addition, all passwords stored in Microsoft Edge are secure and encrypted. Microsoft details this in a separate post, which gets into the privacy aspect of things. And, on a device itself, you'll need to enter in your Windows Password, or use Windows Hello to authenticate yourself before you can copy, export, or view passwords. This is a bit similar to LastPass, which uses one master password to access the service and all your other passwords.
Finally, there's the ability for Edge to store credit cards. This has been one of LastPass' best features, as you can store and create a profile for every credit card and address, so making a purchase is easy. Well, this is built directly into Microsoft Edge. Just head into Settings, and then click Profile and then click Payment info.
From there, you can configure Edge to save and fill in payment info. You also can Fill in your payment info with one click with any cards saved on the device itself. Finally, you can save credit cards to your Microsoft Account itself. These cards are protected using two-step authentication for payment.
Looking at all this, Edge itself is great with password and payment card management. Best of all, Edge is available on all the same platforms that LastPass is on. You'll need to switch your browser to Edge to use these features, but Edge is on iOS, Android, Windows, Linux, and even macOS. It shouldn't be a problem, as your passwords will follow you across all these devices.
With Edge explained, it's time to look at Microsoft Authenticator. Available as an app on iOS and Android, it lets you take your passwords from Microsoft Edge anywhere you go. Just like the LastPass mobile app, any passwords you've added in Microsoft Edge will show up directly from within Authenticator itself. It's a one-stop-shop for all things password related (though Edge on iOS/Android will already sync the same passwords you've shared in Edge desktop)
One of my favorite things about Microsoft Authenticator is the fact that it can be used as a way to verify all of your Microsoft Account Logins. Instead of texting a code, you can use a one-time code from within the app itself. This super secure, as the code is only available on the device itself, like an SMS code.
Furthermore, you can "lock" Authenticator with FaceID or TouchID on iOS (also Fingerprints on Android) to keep your passwords behind in its vault. There's even an option to see all of your logins with a Microsoft Account, to "lock down" your account if need be.
Anyway, with FaceID enabled, your passwords from across all your websites in Edge show up within the app. Just like LastPass, you can copy these at will, look through them, or change them after unlocking your Authenticator app. Websites will have a logo in the list, helping you sort through them all.
Another cool note on Authenticator is that it offers an Apple Watch app. While the Apple Watch app doesn't list passwords or lets you manage them as LastPass' does, it will allow you to approve Microsoft Account logins with ease. Thanks to this, you'll just need to choose a number on the watch to approve a login. Passwords are a thing of the past.
A final thing about Authenticator comes in regards to passwords you might not have stored in your Microsoft Account. The app lets you pull in CSV files from any other web browser, and then uploads them into Authenticator itself, and your Microsoft Account. This will let you sync things up a little bit better. In fact, you even can upload Authenticator to iCloud, or set it as your default password manager app to autofill in place of iCloud.
A great solution
Although LastPass is still preferred by many people, Microsoft Authenticator isn't all that bad, either. If you're willing to use Microsoft Edge and get into the Microsoft ecosystem, both Edge and Authenticator will work well for you. It's simple, easy, and requires very little effort (and no monthly fees!).