|
|
|
|
|
|
by leftpass
1639 days ago
|
|
|
Another possibility is that one of their (many) previous security incidents led to the leaking / exposure of master password hashes, and maybe LastPass don't treat the password hashes as they should (as a password!) and didn't take steps to ensure that any compromise hashes couldn't be re-used. So, potentially, your master password is safe, but there's a hash of it floating around. Personally, I've long recommended people stay well clear of LastPass for their bad record of security, so shipping a bug in password-hash verification, or treating password hashes haphazardly would not surprise me in the slightest. |
|
|
I wonder if haveibeenpwned.com would somehow have information about this. I just pinged them on twitter.