TL;DR: Last Pass is broken. All passwords at the time of the breach were taken. They also got internal secrets from a laptop and can now probably throw computational power at anything they want to decrypt.

Switch. Do not use. Change everything you have if you were using it. Treat everything as breached.

  • neo [he/him]
    ·
    2 years ago

    Yes, but that said: if you have a bad master password the attempts at cracking it can commence anytime (if not already). So, really, change your master password and EVERY password you manage with LastPass. Anything short of that is insufficient.