Trust Center
Spread cheer: save 25% and support a great cause.

TRUST CENTER

LastPass Security FAQ

How do I check and update my iteration count?

To increase the security of your master password, LastPass utilizes a stronger-than-typical version of Password-Based Key Derivation Function (PBKDF2) at a minimum of 600,000 rounds (for new accounts and those who update their existing iteration count). You can view and change your master password iterations value to suit your needs and/or for troubleshooting in your vault’s account settings.


Does LastPass store my master password?

No. Due to the zero-knowledge architecture, a user’s master password is never known to LastPass and is not stored or maintained by LastPass.   


Where do I report potential vulnerabilities?

To make it as easy as possible for customers to flag security concerns, we offer a direct path to LastPass to report these issues.  Customers with a security concern should report it via email to securitydisclosure@lastpass.com, where it will be escalated to the threat intelligence team. 

In addition to our own direct responsible disclosure program, LastPass participates in a bug bounty program, hosted at BugCrowd, to facilitate the work that security researchers do to find and responsibly disclose qualifying security bugs.

For further details and terms check LastPass responsible disclosure.


What is LastPass doing to improve security further?

Looking forward, LastPass has prioritized investment in security and privacy across our platform, infrastructure, and endpoints, and we made the details of this investment public on our Support Center. This includes future plans to encrypt URL and URL-related fields in the vault, implement stricter master password requirements, enhancements to cryptographic methods (Argon2), and more.


Don't see your questions here? Visit Support Center.

icon-s-light_illustrative_security-shield-svg

Trust Center

Your single source for the latest security, privacy, compliance, and system performance information.

Visit Trust Center
icon-s-light_illustrative_security-shield-svg

Security

Safeguarding your data is what we do, with proactive security and reliability as cornerstones of our mission.

Learn more about security
icon-s-light_illustrative_education-svg

Cybersecurity terminology

Learn the basics of cybersecurity education and terms so you can prevent and respond to security incidents.

Read the article
icon-s-light_illustrative_resource-library-book-svg

Trust Center resources

Consult the documentation on product-specific technical, organizational, and compliance measures.

View resources

Stringent security meets global compliance. You get that and more with LastPass.

Free 30-day LastPass Premium trial and 14-day Business trial. No credit card required.