How are bookmarklets secure?
A hash is then created of that (which is also salted with your username) and sent to LastPass as a way to grab an encrypted copy of your key (encrypted with the locally created random number). Your actual key can then be decrypted from a login session with LastPass.com and the local 256-bit random number. This allows LastPass to offer this functionality while staying true to the privacy statement of never having access to your sensitive data.
This bookmarklet should be protected - never send it to LastPass - if combined with a LastPass login session it gets your key, so for security purposes we provide a way to 'recreate' your bookmarklet, which throws away the encrypted copy of your key and recreates it with a new random number (invaliding all existing bookmarklets).