SECURITY
An encryption model that prioritizes your security
Data protection relies on a strong encryption model. Even as your solution provider, LastPass has zero knowledge of your encrypted vault data, and hackers don't either.
You hold the key
You create a plaintext Master Password, from which is derived a unique encryption key. It’s the last password you’ll need to remember.
Make your data useless to hackers
Your vault data is protected using AES-256 encryption and 600,000 rounds of PBKDF2-SHA-256 hashing plus salting.
Only decrypted on your device
Only your plaintext Master Password – which is not stored on our servers – will unlock the data within your vault.
Zero-knowledge encryption works by separating the user’s unencrypted data from the service provider’s servers. For example, a user’s data is first encrypted locally on the end user’s device using a unique encryption key known only to the user, before it is sent to the service provider to be stored in an already encrypted state. The user’s encryption key is not shared with or known to the service provider, thereby ensuring that the data remains encrypted on the service provider side since the service provider has “zero knowledge” of the key needed to decrypt and access the encrypted data.
Our zero knowledge security architecture is based on the concept of a “Master Password,” which is known only to you, the user. Two things happen to your Master Password.
- LastPass uses PBKDF2-SHA256 with 600,000 iterations to derive an encryption key.
- Then we perform one more iteration and use this as a separate authentication construct.
Once authentication is successful and the vault is retrieved, we use AES-256 with the encryption key to decrypt (and encrypt) the contents of your vault. You can think of this encryption model as separating the client (local) from the server:
- The client is you, particularly the devices you use to access LastPass.
- The server is LastPass, specifically our servers, which are hosted in the cloud.
Authentication succeeds when the authentication hash derived from your plaintext Master Password matches the authentication hash stored on the server.
By utilizing these encryption and hashing methods, LastPass is designed so that your Master Password and sensitive vault data are unknown to anyone but you. All of these measures protect you against potential server-side attacks.
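The split described above, with the Master Password turned into an encryption key that stays on the device and a separate authentication hash that is the only thing the server ever receives, can be modelled end to end in a few lines. The following is an added example written for this page, not LastPass code: it uses Python's standard-library PBKDF2-SHA256 with the 600,000 iterations stated above, and it assumes (the page does not specify these details) that the per-user salt is a value such as the username, that the "one more iteration" is a single PBKDF2-SHA256 round over the derived key, and that the server re-salts the received authentication hash before storing it. The `Server` class, `derive_client_keys` and `login_flow` names are this example's own.

```python
import hashlib
import hmac
import os

# Iteration count stated on the page for the client-side key derivation.
ITERATIONS = 600_000
KEY_LEN = 32  # 256-bit output, the size of an AES-256 key


def derive_client_keys(master_password: str, user_salt: bytes,
                       iterations: int = ITERATIONS) -> tuple[bytes, bytes]:
    """Client side. The plaintext Master Password never leaves this function.

    Returns (encryption_key, auth_hash):
    - encryption_key: PBKDF2-SHA256 over the Master Password. Stays on the device
      and would be fed to AES-256 for the vault; it is never transmitted.
    - auth_hash: one further PBKDF2-SHA256 iteration over the encryption key
      (assumed construction). This is the only value sent to the server.
    """
    encryption_key = hashlib.pbkdf2_hmac("sha256", master_password.encode("utf-8"),
                                         user_salt, iterations, dklen=KEY_LEN)
    auth_hash = hashlib.pbkdf2_hmac("sha256", encryption_key, user_salt, 1, dklen=KEY_LEN)
    return encryption_key, auth_hash


class Server:
    """Server side. Stores only a salted hash of the client's auth hash.

    It never sees the Master Password or the encryption key, so a dump of its
    storage does not let an attacker decrypt any vault.
    """

    def __init__(self) -> None:
        self._accounts: dict[str, tuple[bytes, bytes]] = {}

    @staticmethod
    def _salted(auth_hash: bytes, server_salt: bytes) -> bytes:
        # Assumed server-side salting step: one PBKDF2-SHA256 round with a
        # random per-account salt, so two users with equal auth hashes differ at rest.
        return hashlib.pbkdf2_hmac("sha256", auth_hash, server_salt, 1, dklen=KEY_LEN)

    def register(self, username: str, auth_hash: bytes) -> None:
        server_salt = os.urandom(16)
        self._accounts[username] = (server_salt, self._salted(auth_hash, server_salt))

    def authenticate(self, username: str, auth_hash: bytes) -> bool:
        record = self._accounts.get(username)
        if record is None:
            return False
        server_salt, stored = record
        # Constant-time comparison so timing does not leak how many bytes matched.
        return hmac.compare_digest(self._salted(auth_hash, server_salt), stored)

    def stored_material(self, username: str) -> tuple[bytes, bytes]:
        """What an attacker would obtain from the server's storage."""
        return self._accounts[username]


def login_flow(server: Server, username: str, master_password: str,
               user_salt: bytes, iterations: int = ITERATIONS) -> tuple[bool, bytes]:
    """Full client login: derive both values locally, send only auth_hash."""
    encryption_key, auth_hash = derive_client_keys(master_password, user_salt, iterations)
    return server.authenticate(username, auth_hash), encryption_key


if __name__ == "__main__":
    # Constructed sample account; the salt is assumed to be a per-user value.
    server = Server()
    salt = b"alice@example.com"
    enc_key, auth = derive_client_keys("correct horse battery staple", salt)
    server.register("alice", auth)
    ok, key = login_flow(server, "alice", "correct horse battery staple", salt)
    print("login ok:", ok, "| key stays local:", key == enc_key)
    server_salt, at_rest = server.stored_material("alice")
    print("server holds encryption key:", at_rest == enc_key or at_rest == auth)
```

Two properties are worth checking when reading the output: a wrong Master Password produces a different authentication hash and is rejected, and nothing the server stores equals either the encryption key or the transmitted authentication hash, which is the concrete meaning of "zero knowledge" on this page.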
Encryption terminology 101
Encryption
A two-way function that converts plaintext (like your Master Password) to unreadable text. LastPass encrypts your vault data to protect it from bad actors.
Hashing
A one-way function that converts data – like your plaintext Master Password – to a unique, unreadable output called a hash. The hash is stored server side for authentication purposes.
Salting
Salting adds a per-user value to an input, like your Master Password or an authentication hash, so that the resulting hash is unique to that user and harder to match. Salt values are different for every user and input.
Learn how LastPass protects your data
Trust Center
Your single source for the latest security, privacy, compliance, and system performance information.
Visit Trust Center
Cybersecurity terminology
Learn the basics of cybersecurity education and terms so you can prevent and respond to security incidents.
Read the article
Technical white paper
Read about how we built the LastPass service to ensure that your data is protected and private.
Read the white paper
Security
Safeguarding your data is what we do, with proactive security and reliability as cornerstones of our mission.
Learn more about security