We Can Help

Do you use a salted hash for logging in?

Yes, we first do a 'salt' of your LastPass password with your username on the client side (on your computer, LastPass never gets your password), then server side we pull a second 256 bit random hex-hash salt from the database, use that to make a salted hash which is compared to what's stored in the database.

This is beyond overkill but we want to store nothing that can even theoretically be used to do a dictionary attack against password hashes if LastPass' servers were somehow compromised. We hope having nothing of value makes us less of a target, and that by taking every conceivable caution we can think of makes you more safe.

Still Having Trouble?
Look for answers in our vibrant customer-to-customer community help forums.


View your account information and view the status of previously submitted support tickets.


Submit a support ticket and we'll get back to you as soon as we can!

Security

Enter a few words explaining what you need help with

Please type your question in English

Please review these answers to your question:

Still Having Trouble?
Look for answers in our vibrant customer-to-customer community help forums.


View your account information and view the status of previously submitted support tickets.


Submit a support ticket and we'll get back to you as soon as we can!


Browse through our FAQs:

Do you have any Heartbleed questions?