With the latest breaches at companies like LastPass, your customer data is even more vulnerable. We have put together remediation steps for your LastPass users, to help them either remediate or transition to a more secure solution.
1. Change your LastPass Master Password. Log in, head to Account Settings, and change your Master Password under ‘Login Credentials.’
2. Go through your Vault and figure out what’s critically important to you, personally and professionally, and change the password(s) directly on each site.
3. Check your Password Iterations setting and make sure it’s at least 100100. Go to Account Settings, click Show Advanced Settings, and confirm this value under the ‘Security’ section.
4. Consider migrating away from LastPass.
At the end of the day, #4 is completely up to you. I personally can’t advocate for LastPass, largely due to how they handled the breach but also for all the dirty laundry that has come out after the fact.
If you’d like to migrate away from LastPass, it isn’t too difficult!
- Log in to LastPass via your browser.
- Select Advanced Options in your sidebar and click Export under ‘Manage Your Vault.’
- LastPass will email you, and you need to select the Continue Export button in the email.
- You’ll be taken back to LastPass, back to Advanced Options, and will need to click Export one last time.
- Choose a password manager alternative. I can recommend 1Password and Bitwarden if you want to manage an offline password manager.
- Any reputable password manager has an ‘Import’ option in its settings. You’ll simply select that, upload your LastPass export file, and the job is done!
VERY IMPORTANT: Delete that copy of your passwords fully (including emptying your trash). That’s got all your crown jewels in it!
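Before deleting the export, it can help with the "figure out what's critically important" step. The script below is an added example, not part of the original post: it reads the export, reports which entries share a password and suggests a rotation order, without ever displaying a password. The column names (`url`, `password`, `name`, `grouping`), the `critical_groups` folder names and the sample rows are assumptions constructed for illustration.

```python
import csv
import hashlib
import io
from collections import defaultdict
from urllib.parse import urlparse

# Constructed sample standing in for a LastPass CSV export. The column names
# are an assumption about the export layout; adjust them to match your file.
SAMPLE_EXPORT = """url,username,password,totp,extra,name,grouping,fav
https://bank.example/login,alice,Tr0ub4dor&3,,,Bank,Finance,1
https://mail.example,alice@mail.example,Tr0ub4dor&3,,,Mail,Personal,0
https://forum.example,alice,hunter2,,,Forum,Personal,0
http://sn,,,,"wifi key: hunter2",Home wifi note,Notes,0
https://shop.example/account,alice,correct horse,,,Shop,Shopping,0
"""

def triage(export_file, critical_groups=("Finance", "Work")):
    """Return (reused, ordered): names sharing a password, and a rotation order.

    Passwords are only held as SHA-256 digests for grouping; nothing this
    function returns contains a password.
    """
    by_digest = defaultdict(list)
    entries = []
    for row in csv.DictReader(export_file):
        password = row.get("password") or ""
        if not password:  # notes and empty entries have nothing to rotate
            continue
        host = urlparse(row.get("url") or "").hostname or "(no host)"
        entry = {"name": row.get("name") or "", "host": host,
                 "group": row.get("grouping") or ""}
        digest = hashlib.sha256(password.encode("utf-8")).hexdigest()
        by_digest[digest].append(entry)
        entries.append((digest, entry))
    reused = [sorted(e["name"] for e in group)
              for group in by_digest.values() if len(group) > 1]

    def priority(item):
        digest, entry = item
        # Critical folders first, then anything sharing a password, then the rest.
        return (entry["group"] not in critical_groups,
                len(by_digest[digest]) == 1, entry["name"])

    ordered = [(e["name"], e["host"]) for _, e in sorted(entries, key=priority)]
    return reused, ordered

if __name__ == "__main__":
    reused, ordered = triage(io.StringIO(SAMPLE_EXPORT))
    print("Share a password:", reused)
    print("Change in this order:", ordered)
```

To run it on the real export, pass `open(path, newline="", encoding="utf-8")` to `triage`, then delete the file as described above.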