スパックマン クリスDec 30, 2022

Okay, just to be clear ...

It sounds like only some of the fields were actually encrypted. Others (like the URL) were NOT encrypted AT ALL??

My question is: was the notes field in a #LastPass login record encrypted? You know, the place someone might keep answers to security questions and other possibly very important information.

(Not talking about "Secure Notes", but rather the "Notes" field in a log in record - like the url, user name, password, notes, (and so on) fields.)

Show threadJonathan WilliamsDec 30, 2022
@chris_spackman According to multiple accounts from people who have evaluated the vaults (and at least one from a former LastPass engineer), all notes fields are encrypted. That means both Secure Notes, and the notes fields in password entries.
Show threadスパックマン クリス

@Jwilliams

Thank you. That makes me feel much better.

I changed a bunch of financial site passwords and (when possible) usernames and security question answers anyhow. To be safe / Out of an abundance of caution.

#PWGen passwords make great security question answers:

Q: Favorite elementary school teacher?

A: L1m9J9b9hcqXUZ2

#Security #PasswordSecurity #LastPassBreach #LastPass

Dec 30, 2022 at 7:56pmWeb