LastPass Heartbleed checker

With news breaking on Monday, April 7th that the Heartbleed bug causes a vulnerability in the OpenSSL cryptographic library, which is used by roughly two-thirds of all websites on the Internet, we want to update our community on how this bug may have impacted LastPass and clarify the actions we're taking to protect our customers.

What is the Heartbleed bug?

Check a site:
https://


Check the sites that you've entrusted with your information. If you have any doubt, please use LastPass to update passwords on potentially impacted sites as soon as the vendor has reissued their certificates. LastPass users can do this by running the Security Check tool from their icon menu. LastPass will not only alert you to which sites are vulnerable, but also tell you the last time you updated your password for the site, when that site last updated their certificates and what action we recommend taking at this time. Get started with LastPass now.

Need some inspiration?
Try: www.Yahoo.com
Try: www.okcupid.com
Try: Bing.com
Try: LastPass.com

Has your organization made a public statement about use of vulnerable versions of OpenSSL over the last 2 years? Or if you reissued your certificate without changing the date and we don't have enough SSL certificate history to notice the change: Let us know

LastPass' checker is different from other checkers -- LastPass is checking if you were at risk in the past, and if steps have been taken to ensure you're currently safe, and if you should change your password, other checkers are focused on is a site currently exploitable -- that's also useful but less likely to be the case for anything but the smallest sites.

* last updated 2014-07-17 00:00:31