The kicker is that you can use several authentication options. The list includes TOTP (time-based one-time password) apps, physical authenticators, smart cards, and more. Ultimately, they have the most of all password managers. What LastPass does well are their multi-factor authentication options. Those two might be vital if you’re a business owner. You won’t find 3rd party authenticators or USB tokens. It’s also possible to use Windows fingerprint or Apple’s FaceID. There’s an option to send push notifications to confirm login requests via Duo Security. Aside from this secret key, it’s possible to set up two-factor authentication via authenticator apps like Authy or Microsoft Authenticator. In 1Password’s case, multi-factor security is built into the client because it requires two passwords on every new device. 1Password is ultimately the superior choice because it locks your data behind more doors.
However, the necessary secret key makes a major difference in the device’s security status. LastPass is by no means an insecure password manager, it should do the job just fine in most cases. They also work similarly, never sending unencrypted data outside your device and decrypting it only on a device level. They use the same 256-bit AES encryption with PBKDF2 SHA-256 for master passwords. LastPass is no slouch when it comes to encryption standards.