What's the risk, and does that change by moving to an alternative?

Companies deal with leaked secrets a lot. A company already using a password manager is ahead of the game.

Suppose they move to a competitor. That's a migration and training that someone has to drive. What do they gain? Another company that can also have exploits? Or they self-host, and now have to fund that, and still potentially get exploits?

Ultimately, this likely isn't that big of a deal for a company.

And they have to weigh it up against all the other things that they can be doing.

Compare https://hn.algolia.com/?q=lastpass to basically any other password manager, like https://hn.algolia.com/?q=1password or https://hn.algolia.com/?q=bitwarden

Those companies do not have the same number and severity of security incidents. LastPass is truly in a category of its own.

I'd love to switch from my LastPass family plan to... something else.

But there is a non-trivial switching cost to migrate several people (with varying technical aptitudes) that each use several platforms.

If 1Password had a one-click migration flow they'd be able to win over a lot of converts.

You pretty much export your data from LastPass and import it into 1Password. The only thing it doesn't do is have 1Password log into your LastPass account and pull it out itself.

At least in the past, the default import-export route did not move attachments. Be careful!

File > Import > LastPass. Log into LastPass. Now you have your LastPass details in 1Password.

https://support.1password.com/import-lastpass/?mac