Is lastpass.com legit?

90
/ 100
Trusted
Industry: Software & Downloads

lastpass.com appears to be a highly trustworthy website. Its strong security measures, long-standing domain, and comprehensive legal and contact information indicate a legitimate and reputable service.

Software & Downloads average: 78/100 · based on 75 sites

Checked: April 18, 2026 at 8:13 AM UTC · Refresh

Is lastpass.com a scam? Here's what we found.

Security 95/100

The site boasts a robust security posture, utilizing modern TLS 1.3, HSTS, and Content Security Policy, alongside a clean record with Google Web Risk. It's properly implementing measures to protect user data and prevent common web attacks.

Identity 95/100

With over two decades in operation and clear registration details through a reputable corporate registrar, LastPass has a well-established and transparent identity. This longevity is a strong indicator of legitimacy.

Reputation 95/100

This is a very well-known, high-traffic website not listed on any blacklists. Its significant web presence and long history solidify its reputation as a major player in its industry.

Transparency 95/100

LastPass is highly transparent, providing clear contact information, comprehensive legal pages, and an active presence across multiple social media platforms, making it easy for users to find support or information.

Compliance 100/100

The site provides both a privacy policy and terms of service, which are essential for any service handling sensitive user data, particularly a password manager.

Infrastructure 85/100

The infrastructure is generally solid, featuring good email authentication and efficient DNS resolution. The only minor point is the unsigned DNSSEC, which is common but still a potential area for improvement in overall resilience.

Signals Detected

[+]
Tranco Rank: Rank #2539

This is a well-known, high-traffic website

[+]
Structured Data: Found

Site uses structured data identifying itself as: Organization

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[+]
SSL Certificate: Valid

Valid certificate, expires in 189 days

[?]
Certificate Issuer: GlobalSign nv-sa

Certificate issued by GlobalSign nv-sa

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
Branding: Complete

Site has custom branding and social media metadata

[?]
Certificate Transparency: Unable to check

crt.sh returned status 429

[+]
Domain Age: 21 years, 5 months

Domain created 2005-03-08T22:52:10Z (21 years, 5 months ago)

[?]
Registrar: CSC Corporate Domains, Inc.

Registered through CSC Corporate Domains, Inc.

[+]
Domain Expiry: 2028-01-02T04:59:59Z

Expires in 623 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
robots.txt: Present

robots.txt has 29 directives and references a sitemap

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: SAMEORIGIN

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
Sitemap: 7 pages

Site maintains a proper sitemap with 7 indexed pages

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[+]
DNS Resolution: 1 IP(s)

Resolves to: 23.52.182.42

[+]
Email (MX Records): 1 record(s)

Mail servers: lastpass-com.mail.protection.outlook.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[?]
Name Servers: 6 server(s)

DNS providers: a12-67.akam.net., a18-64.akam.net., a7-67.akam.net., a2-65.akam.net., a3-66.akam.net., a1-208.akam.net.

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[+]
Social Media Presence: 6 platforms

Website links to multiple social media platforms

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[+]
Page Load Time: 232ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for lastpass.com
<a href="https://verified.fyi/review/lastpass.com"><img src="https://verified.fyi/badge/lastpass.com?size=medium&style=full&theme=dark" alt="lastpass.com trust score — verified.fyi" /></a>
[![lastpass.com trust score](https://verified.fyi/badge/lastpass.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/lastpass.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating a service like LastPass.com, which handles fundamental digital security for millions, the bar for trust is exceptionally high. Our analysis suggests that LastPass stands up to this scrutiny, earning a 'Trusted' verdict. For a platform entrusted with your passwords, a long and stable operational history is paramount. LastPass.com's domain, active for over 21 years, demonstrates significant stability and longevity in an industry where fly-by-night operations are quickly exposed. From a technical standpoint, LastPass.com employs robust security measures. Modern encryption, secure headers, and excellent email authentication standards (SPF and DMARC) are all in place. These aren't just checkboxes; they indicate a proactive approach to protecting user data and preventing phishing attempts. Most legitimate software providers, especially those in the security space, invest heavily in such infrastructure, and LastPass.com aligns with these best practices. While no system is entirely impervious, the combination of a well-established identity, transparent corporate information, and advanced security protocols reinforces confidence in LastPass.com. For users considering a password manager, these factors are crucial. A company actively demonstrating a commitment to security and transparency, rather than merely stating it, is the hallmark of a dependable service in this critical digital niche.