LastPass will finally enforce a 12-character minimum master password

A cartoon illustration shows a shadowy figure carrying off a red directory folder, which has a surprised-looking face on its side.
Keep your passwords safe from this guy. | Illustration: Beatrice Sala

Following a high-profile security breakdown in 2022, LastPass is finally imposing a 12-character minimum for customers’ master passwords.

BleepingComputer spotted a release from LastPass confirming the change that acknowledges 12 characters was already the default setting, but preexisting users previously had the option to set a shorter password. LastPass removed this option last April, requiring new customers and anyone resetting their master password to hit the 12-character requirement. But if your account had a shorter, less secure password, you’ll be forced to change it soon.

LastPass’ security woes are well documented — breaches in 2022 allowed hackers to steal customer vault data. If you were affected, this meant the only thing…

Continue reading…

Read more