Surprise: LastPass Android app tracks the hell out of its users

Surprise: LastPass Android app tracks the hell out of its users
LastPass is one of the most popular password managers out there and normally these kinds of apps have very tight security. It’s only natural because password managers hold the key to your virtual and in most cases real, treasures. It turns out that LastPass not only keeps your passwords in its vault but also tracks you with no less than seven embedded trackers within its Android app, according to a report by security research company Exodus Privacy.

Also Read: LastPass Free users will soon be restricted to one type of device

Now, to be clear - trackers don’t always equal a security risk, as in many cases the service provider is using them to collect data about the device you’re using for the sake of improving the service itself. Many companies rely on third-party trackers from tech giants like Google in order to delegate the responsibility and benefit from well-established and secure solutions.

In the case of LastPass, only four out of the seven trackers were Google’s, the other three are lesser-known. While all of these trackers bear the “analytics” label (one is labeled “crash reporting”), two of them also include the “advertisement” and “profiling” labels. It’s almost self-explanatory what these are doing and it’s pure irony that a service like LastPass uses these kinds of practices.

The timing of the report is also not great for LastPass, as last month the company introduced changes to the service, restricting free users to one type of device - mobile or computer.


Latest Stories

This copy is for your personal, non-commercial use only. You can order presentation-ready copies for distribution to your colleagues, clients or customers at or use the Reprints & Permissions tool that appears at the bottom of each web page. Visit for samples and additional information.
FCC OKs Cingular's purchase of AT&T Wireless