As I write this, the folks at LastPass recently announced that they saw unexplained traffic on their network and could potentially have seen some of their internal data compromised. It’s important to note that no user accounts have been hacked, and no unencrypted user account information has been compromised.
However, to err on the side of caution, they are recommending that we all change our master passwords.
Here’s how you do that.
Change your LastPass master password
Go to LastPass.com on the web and click on the log-in link.
Log in with your current LastPass password.
After your vault is displayed, click on Account Settings.
It should come up with the “General” tab selected. Click on Change Master Password.
Enter your old password, to confirm that you have the authority to make the change, and then enter your new master password twice.
I recommend using a multi-word passphrase. Passphrase, because it’s longer which is more secure. Multi-word, because that’s easier to remember. The phrase doesn’t need to make sense; in fact, it’s probably better if it doesn’t, as long as it’s easy for you to remember.
Shortly after making the change, you should receive an email that notifies you that a change was made. This is a security measure that would alert you to a password change that you did not initiate.
Depending on your settings, and how many other locations in which you have Lastpass in use, you may need to re-login to Lastpass using your new master password.