I’m not missing anything. It’s LastPass who finally need to retract this article. I proved back in 2018 that server-side iterations are misimplemented and have no security effect. That’s why they increased the client-side value in the first place. See https://palant.info/2018/07/09/is-your-lastpass-data-really-...
I’m not missing anything. It’s LastPass who finally need to retract this article. I proved back in 2018 that server-side iterations are misimplemented and have no security effect. That’s why they increased the client-side value in the first place. See https://palant.info/2018/07/09/is-your-lastpass-data-really-...