받기 무료로 LastPass를 체험해보세요

No active security issues with LastPass at this time.

Hacks and Breaches

LastPass Security History

Explore our security timeline and how LastPass keeps you safe in the event of a hack.

No active security issues with LastPass at this time.

Lastpass security blueprint.

As a password manager, security is our top priority. We strive to ensure our customer’s most sensitive information is kept private and safe, at all costs. As a software company, bugs and issues arise naturally and while they’re uncomfortable and concerning, they’re part of the natural process that make LastPass as secure as it is.


Has LastPass ever been hacked?

LastPass experienced a single security incident in our 10-year history, back in 2015. Bottom line, no encrypted vault data was compromised. Even under this most extreme test, our systems performed as designed and protected the encrypted vault data of our users; furthering our conviction and commitment to our 'zero knowledge' security model in which LastPass never has your master password or access to the data within your vault.

When the incident was discovered, we immediately took steps to detect the network breach, adding the requirement of two-step verification for all users within 1 hour of detecting the breach. We also installed HSMs at our data centers to further lock down SAML keys and user password hints.

While a security incident is not ideal for any company, the incident was quickly remediated, our product strengthened because of it and we are proud to have a strong track record of transparency with our community.


How is LastPass safe from being hacked?

LastPass operates on a zero-knowledge security model. Sensitive data stored in LastPass is encrypted at the device level with AES-256 encryption before syncing with TLS to protect from man-in-the-middle attacks. We utilize industry best practices to protect our infrastructure, including regularly upgrading our systems, as well as utilizing redundant data centers to reduce the risk of downtime or a single-point-of-failure. LastPass is market-tested by over 43,000 companies, including Fortune 500 and leading tech enterprises.

LastPass security protocol diagram

How will I know if LastPass has been hacked?

LastPass values transparency in its incident response procedures. Our team reacts swiftly to reports of bugs or vulnerabilities and communicates openly with our community. Communication with users will depend on the incident and those of the highest priority will include emails, blog posts, and social posts. We continue to earn our user’s trust by looking to our fellow community to challenge our technology, reacting promptly, and communicating transparently.


What are you doing to prevent LastPass from being hacked in the future?

It goes without saying that security is fundamental to what we do. As an industry best practice, LastPass conducts at least one annual pen test to help us strengthen our product and demonstrate the security of LastPass as vetted by a reputable 3rd party. We also participate in a bug bounty program, called BugCrowd, where white-hat researchers responsibly disclose bugs so we can improve the product and further harden it against attacks. As the first password manager to offer a bug bounty program, LastPass has built long-standing relationships with many researchers around the world, which only serves to benefit our customers. We welcome contributions from all researchers via our bug bounty program.

In addition to a laser focus on our own security, we also report on data breaches that occur to other companies in an effort to keep our community informed and protected. As a leader in password security, we want to ensure individuals and business clearly understand the impact of third-party data breaches and what steps they must take to mitigate risks for themselves.



Try LastPass for Free

무료로 LastPass를 체험해보세요 Includes a free 30-day trial of Premium
브라우저 아이콘으로 LastPass에 로그인하고 액세스하십시오.

Firefox에 추가.

"허가"과 "설치"를 차례로 클릭하십시오. 설치 과정은
1분 이내로 소요됩니다! 그다음, 계정을 만드십시오. 계정이 이미 있다면 로그인하십시오.

1단계:

"허가"을 클릭하십시오.

2단계:

"설치"를 클릭하면 1분 이내에 LastPass가 설치됩니다.

3단계:

계정을 만드십시오.

Add to browser.

Click Add extension above − it takes less than a minute to download!

Add to browser Create Account

You're almost done.

Next, click the LastPass browser button above to create your account or log in.

Add to browser Create Account