LastPass Heartbleed checker

Add to browser.

Click Add extension above − it takes less than a minute to download!

Add to browserCreate Account

You're almost done.

Next, click the LastPass browser button above to create your account or log in.

Add to browserCreate Account
Log in and access LastPass using the browser icon.

Add to Firefox.

Click "Allow" then "Install" above. The installation takes
less than a minute! Next, you'll create your account, or log in if you already have one.

Step 1.

Click "Allow"

Step 2.

Click "Install" and LastPass will be installed in under a minute.

Step 3.

Create your account.

This test has been shutdown as sites have largely addressed Heartbleed.

With news breaking on Monday, April 7th 2014 that the Heartbleed bug causes a vulnerability in the OpenSSL cryptographic library, which is used by roughly two-thirds of all websites on the Internet, we want to update our community on how this bug may have impacted LastPass and clarify the actions we're taking to protect our customers.

What is the Heartbleed bug?

Check a site:

Check the sites that you've entrusted with your information. If you have any doubt, please use LastPass to update passwords on potentially impacted sites as soon as the vendor has reissued their certificates. LastPass users can do this by running the Security Check tool from their icon menu. LastPass will not only alert you to which sites are vulnerable, but also tell you the last time you updated your password for the site, when that site last updated their certificates and what action we recommend taking at this time. Get started with LastPass now.

Need some inspiration?

Has your organization made a public statement about use of vulnerable versions of OpenSSL over the last 2 years? Or if you reissued your certificate without changing the date and we don't have enough SSL certificate history to notice the change: Let us know

LastPass' checker is different from other checkers -- LastPass is checking if you were at risk in the past, and if steps have been taken to ensure you're currently safe, and if you should change your password, other checkers are focused on is a site currently exploitable -- that's also useful but less likely to be the case for anything but the smallest sites.

* last updated 2015-01-13 12:44:01