Change Your LastPass Master Password

lastpass-change-password

LastPass has good security, but since they're reporting a breach on their hashes and salts, but not on the encrypted data, it's time to change your master password (but not panic) and if you re-used your master password elsewhere, change those too (and stop reusing your passwords!). It's good hygiene, not a security emergency.

Depending on how many iterations you have set on your master password hash, you might want to do it sooner or later, but regardless you probably have some time. LastPass is currently recommending up to 20,000 hash iterations - you probably want to pick a number in that range, and not one that's easy to guess (h/t GRC for that last one). Their server will additionally hash the data 100,000 more times, so you don't need to do it all locally - and the more you require the slower your vault will open.

One thing to be aware of, though, is that (by default) LastPass will allow you to one-click revert your master password to the last one. This defeats the purpose of good opsec hygiene, so go ahead and turn that setting off. You need to go into your vault, click on Settings on the left, and then _all the way down at the bottom of the screen_ (I have a large vertical screen and the dialog box stretches to fill), you'll find 'Advanced Settings'. It's a checkbox in there:

lastpass-change-password-revert

Obviously, if you then forget your master password you're hosed, so guard it jealously.

Since I'm writing this, I'll make a note of a conversation I had with LastPass a couple months ago. Noting that there are many CA's out there that are not trustworthy, I was concerned that LastPass uses standard PKI TLS to protect the network traffic. I wanted to be sure I was logging into LastPass.com, not an imposter, and any bad CA in the middle could arrange for a subterfuge (I'd certainly be working on that attack if I were an empowered bad-guy). The workaround for this is certificate pinning, which makes a browser compile in a list of key fingerprints for the correct cert. This ensures that such browsers will only accept a TLS connection to the "real" LastPass.com, assuming they can hold onto their certificate. It's not perfect, but it's much, much better than not having it.

I was told that they are pinned in Chrom[ium,e], but when I asked about Firefox, they said they couldn't comment on that and would raise an internal ticket, and that's all they could tell me. I found this to be rather disappointing. However, I later learned (separate from LastPass corporate) that Mozilla is importing the Chrome certificate pinning list, at least as of Firefox 38, so if you're using a current Google or Mozilla browser you should be OK to log into LastPass.com. Assuming the invaders didn't get their x.509 RSA key during this recent incursion.