Let’s compare the free and paid versions of Nordpass and Lastpass to find out the winner of this contest. Stay tuned.
As a loyal Bitwarden user, I often try other password managers to see if anyone comes close to its free offering. After being tested a few, I’m sure to be in safe hands and don’t want to switch.
But this isn’t about that. And it can be pretty close. Closer than what we have seen in Bitwarden vs 1password and Bitwarden vs Lastpass.
Nordpass is a few years younger than Lastpass. Except for this, they are quite similar in their features. You get a 30-day premium trial and a forever-free version with both.
But let’s go deeper than this and pitch them head to head in this detailed…
NordPass vs LastPass
We’ll go with the conventional technique we’ve been doing here at Mustechie for comparing password managers. This means evaluation based on these factors:
- User Interface
- Export & Import
- Autofill & Capture
- Password Generator
- Security Features
- Extra Goodies
- Supported Platforms
Simply put, we will go through each section and see where the candidates stand against each other. Notably, this article is about browser extensions and Windows applications.
Let’s get started.
At the onset, you see two extensions having similar options working (almost) perfectly.
But the equality ends the moment you realize the Nordpass browser extension is very limited in almost everything. The most it does is show the vault entries, and that’s about it. Everything else is controlled from the native application.
So technically, you can’t do anything if you don’t have the application. This isn’t necessarily a bad thing for others.
But personally, I don’t prefer bucket loads of applications, and instead, try for minimum installations. And to keep a password manager application just to make sure its extension works is definitely not a merit we should applaud.
In stark contrast, the LastPass browser extension is a standalone application. I have uninstalled its application, and the extension was working perfectly regardless.
One more significant point of difference is the login counter, and you don’t get one with Nordpass.
That’s Nordpass missing another user-friendly feature. Still, you get an autofill (that you can’t turn off). So Lastpass hasn’t done anything exceptional, it’s the Nordpass’s limitations that have put Lastpass at a clear advantage.
Export & Import
Nordpass has excellent import support, and you have many official options to migrate from. In addition, you have the Other tab with a guide to import from practically any password management utility.
On the other hand, Lastpass’s official support is rather limited. But similar to Nordpass, you get a template to import from anywhere.
To test the import performance, I exported my Bitwarden vault (officially supported by both) having 205 passwords and 13 notes.
Nordpass returned with 202 passwords and 13 notes, and Lastpass did this with 202 passwords and 4 notes. While Nordpass had an upper hand, neither was flawless, and it’s quite dangerous to lose some passwords while migrating to some other utility.
The solution here is to use a spreadsheet, check for the missing entries, and upload them manually. Alternatively, you can export the new vault, use some duplicate finder, and enter the left-out ones.
Coming to export, Nordpass simply exports in readable CSV formats, whereas Lastpass lets you export it encrypted as well.
You typically set an encryption key while exporting and should keep it safe for future imports. Besides, I doubt that Lastpass encrypted vault will work anywhere else, as Nordpass couldn’t recognize it and never came to a point to ask for the encryption key.
What’s funny is that Lastpass itself couldn’t make sense of its encryption and was caught in a endless process loop:
This was the same when I was comparing it with Bitwarden. I did it again to confirm this, and it returned with a similar loop confirming the issue.
So while both faltered in the imports, Nordpass does this slightly better and takes this round.
Autofill & Capture
This is another crucial area that’s the lifeline of any password manager.
Nordpass was smooth at auto-filling the empty fields and capturing new registrations.
LastPass, however, wasn’t up to the mark. It couldn’t autofill, and this was the same problem I observed during my previous testing. And this is a common issue having a lot of tutorials about it.
Moreover, I tried different browsers and websites to confirm this, but the problem was still there. This is again a major disappointment from a premium, decades-old password manager.
However, Lastpass didn’t have any hiccups in taking in new signups. But owing to its autofill failures, Nordpass easily takes this round.
Password generators are the least used feat in such utilities but are important regardless. They assist during signups and password updating. Both these tools have excellent password generators with nothing to complain about.
In addition, both popped up (in empty fields) for new accounts so that you can create logins right there without clicking anywhere else. So without wasting more time, we will declare the…
Winner: None, it’s a tie.
Nordpass deploys the XChaCha20 encryption algorithm, different from AES-256 bit encryption that most password managers (including Lastpass) use. The stated reason is the simplicity of application and using a future-proof technology that is actively used by the tech giants like Google, Cloudflare, etc.
However, I have checked some Google products like its Cloud offerings which still use AES-256 bit encryption by default. Likewise, Cloudflare gives you an option to switch to the ChaCha20 algorithm and doesn’t use it natively.
So, while ChaCha20 (and its variants) may be the fastest way to encryption without compromising safety, it’s still new and hasn’t stood the test of time like the AES-256.
Conclusively, it would be good had Nordpass stick to the AES-256 or given an option to switch algorithms.
Expect for this, Nordpass permits autolock, multi-factor authentication (MFA) with any authenticator app like Authy or any hardware device like Yubikey. In addition, you can set it to delete copied data from the clipboard automatically.
Another noteworthy security measure is the process it authenticates browser extensions with. While activating, you need to verify a four-digit code ensuring the legitimacy of the coupling.
And as mentioned in the previous sections, the Nordpass extension is extremely limited in features compared to what you get with Lastpass. While that wasn’t good for the user interface, this definitely shrinks the attack surface taking the security a few notches above.
Finally, you get a security code for restoring the password vault in case you forget the master password.
Coming to Lastpass, you get a tried and tested AES-256 bit encryption. Additionally, one can set a vault timeout or logout upon browser exit.
Lastpass has MFA options like SMS, authenticator apps, etc., with the free subscription, and hardware and fingerprint authentication with the paid plans.
An advanced feature is setting ‘trust’ between devices which helps you bypass MFA for up to 30 days. This works by simply adding a specific device under a header Trusted devices in the application settings.
Moreover, you can deauthorize any mobile device linked to your Lastpass vault.
For account recovery, Lastpass sends a code to your recovery phone number to reinstate access. This is more secure than storing a separate code for recovery, as in the case of Nordpass.
Furthermore, you can restrict countries except for the ones you geographically access Lastpass from. And there are a few more security-oriented traits like preventing access from the Tor network that reflect its age in this industry.
So while Nordpass is good enough for an average user, Lastpass’s security protocols are just better.
Nordpass lets you share vault contents with others having a Nordpass account. Besides, the premium features are emergency access, trusted contacts, compromised password scan, etc. Additionally, it scans for old, weak, and reused passwords.
Lastpass has a similar sharing option to other Lastpass users. And likewise, you get emergency access, dark web monitoring for breached credentials, and a security dashboard gauging the health of the password vault.
This section has both listing similar features in the premium subscriptions with no clear winner.
Winner: None, it’s a tie.
Nordpass has applications for Windows, Mac, Linux, iOS, and Android. In addition, you can also use the web application and the browser extensions for Chrome, Firefox, Opera, Brave, Safari, and Edge.
Similarly, LastPass has applications for Mac, Windows, Linux, Android, and iOS. Besides, there are browser extensions for Safari, Chrome, Edge, Firefox, and Opera. The platform support is a close contest, but Lastpass has an upper hand with a command-line interface.
The free versions of both offer tremendous value but Nordpass ups the ante with a multiple device sync.
But you get almost the same paid features with either. What you get extra is a 1Gb encrypted file storage with Lastpass premium. However, you can use NordLocker (by Nordpass’s parent company) providing encrypted cloud storage to get 3Gb free storage.
And the entry-level subscription of Nordpass is priced almost at the half of Lastpass’s similar tier. However, Nordpass is slightly costlier if you’re opting for a family plan where both provide six user accounts.
But we will stick to the personal subscription and won’t hesitate to give this round to Nordpass.
Interestingly, we don’t have an overall winner. But still, we’ll recommend using Nordpass if you aren’t paying because of the device sync. For the paying customers, going with Lastpass makes more sense as the security options really cover everything and more.
However, you can also get your hands on the free Avira Password Manager. Alternatively, try Microsoft Password Manager, which comes within its authenticator app.
Hey there! I'm Hitesh, founder of this blog. Currently, I also work as a senior writer at Geekflare to 'keep the lights on.' I'm committed to keep it real and help you people make the right buying decisions. I hope we'll see Mustechie grow into something substantial--a place you can trust without any second thoughts. See you again, soon!