Password Iterations (PBKDF2)

To increase the security of your master password, LastPass utilizes a stronger-than-typical version of Password-Based Key Derivation Function 2 (PBKDF2). At its most basic, PBKDF2 is a “password-strengthening algorithm”: it makes each password check deliberately expensive, so a brute-force attack that must test many candidate passwords against your master password is slowed down.

The standard implementation of PBKDF2 uses SHA-1, a secure hashing algorithm. SHA-1 is fast, but that speed is a weakness here: the faster the hash, the faster a brute-force attack can test candidate passwords.

LastPass has opted to use SHA-256, a slower hashing algorithm that provides more protection against brute-force attacks. LastPass utilizes the PBKDF2 function implemented with SHA-256 to turn your master password into your encryption key. LastPass performs x rounds of the function to create the encryption key, and then a single additional round of PBKDF2 to create your login hash.

The entire process is conducted client-side. The resulting login hash is what is communicated with LastPass. LastPass uses the hash to verify that you are entering the correct master password when logging in to your account.
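The client-side sequence described above (x rounds of PBKDF2-HMAC-SHA256 to get the encryption key, one more round to get the login hash, and a server that only ever sees the hash), as an added illustration that is not LastPass's own code. The salt values, the inputs to the extra round, and the server-side round count are assumptions, since the article does not specify them; the credentials are constructed sample data.

```python
import hashlib
import hmac

# Constructed sample inputs; not real credentials.
MASTER_PASSWORD = "correct horse battery staple"
CLIENT_SALT = b"user@example.com"   # assumption: the article does not say what salt is used
DEFAULT_ROUNDS = 5000               # the article's default value of x
SERVER_SALT = b"server-side-salt"   # assumption: a per-user server-side salt
SERVER_ROUNDS = 100000              # assumption: the article only says "a large number"


def derive_encryption_key(master_password: str, salt: bytes, rounds: int) -> bytes:
    """x rounds of PBKDF2-HMAC-SHA256 -> 32-byte vault encryption key.

    This value never leaves the client.
    """
    return hashlib.pbkdf2_hmac(
        "sha256", master_password.encode("utf-8"), salt, rounds, dklen=32
    )


def derive_login_hash(encryption_key: bytes, master_password: str) -> bytes:
    """One additional PBKDF2-HMAC-SHA256 round over the encryption key.

    Assumption: the master password is used as the salt for this extra round;
    the article does not state what the salt is. The output is what is sent
    to the server, so the key itself is never transmitted.
    """
    return hashlib.pbkdf2_hmac(
        "sha256", encryption_key, master_password.encode("utf-8"), 1, dklen=32
    )


def client_login_material(master_password: str, salt: bytes, rounds: int):
    """Everything the client computes at login: (encryption_key, login_hash)."""
    key = derive_encryption_key(master_password, salt, rounds)
    return key, derive_login_hash(key, master_password)


def server_harden(login_hash: bytes, server_salt: bytes, server_rounds: int) -> bytes:
    """Server-side PBKDF2 over the received login hash before storage (assumed
    parameters). A stolen server database then costs the attacker the client
    rounds plus the server rounds per guess."""
    return hashlib.pbkdf2_hmac("sha256", login_hash, server_salt, server_rounds, dklen=32)


def server_verify(stored: bytes, presented_login_hash: bytes,
                  server_salt: bytes, server_rounds: int) -> bool:
    """Re-run the server-side hardening and compare in constant time."""
    candidate = server_harden(presented_login_hash, server_salt, server_rounds)
    return hmac.compare_digest(stored, candidate)


if __name__ == "__main__":
    key, login_hash = client_login_material(MASTER_PASSWORD, CLIENT_SALT, DEFAULT_ROUNDS)
    stored = server_harden(login_hash, SERVER_SALT, SERVER_ROUNDS)
    print("encryption key (client only):", key.hex())
    print("login hash (sent to server):  ", login_hash.hex())
    print("verify correct password:", server_verify(stored, login_hash, SERVER_SALT, SERVER_ROUNDS))
    _, wrong_hash = client_login_material("wrong password", CLIENT_SALT, DEFAULT_ROUNDS)
    print("verify wrong password:  ", server_verify(stored, wrong_hash, SERVER_SALT, SERVER_ROUNDS))
```

Two properties worth checking against the article's description: the encryption key and the login hash differ even though both come from the same password, and changing the round count changes the key, so an account's iteration setting is part of what the vault is encrypted under.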

LastPass also performs a large number of rounds of PBKDF2 server-side. This implementation of PBKDF2 both client-side and server-side ensures that the two pieces of your data (the part that’s stored offline locally and the part that’s stored online on LastPass servers) are thoroughly protected.

By default, the x number of rounds that LastPass uses is 5000. LastPass allows you to customize the number of rounds performed during the client-side encryption process. If you log in to LastPass, open your LastPass vault from the LastPass Icon, and launch Account Settings, you will see the “Password Iterations” field displaying the current number of rounds used for your account. Although 5000 is currently the default number of rounds, your number may be lower if your account is older.

5000 rounds provide a good balance between increased security and the inconvenience of longer pauses when logging in to your account. While it’s tempting to point to the number of rounds when comparing implementations of PBKDF2 across services, this is essentially an apples-to-oranges comparison, as other services may be using SHA-1, which is less computationally intense than SHA-256. In other words, SHA-256 is a more intensive process than SHA-1, so a lower number of rounds can still give a higher level of security against brute-force attacks.

In terms of usability, the number of rounds used only affects the process of logging in to your LastPass account. Once you gain access to your account, the implementation of these changes will not affect your browsing experience.

Note: LastPass supports a diverse set of platforms which vary greatly in speed. In order to be able to use all of them, we recommend you do not exceed 10,000 rounds. A change from 5000 rounds to 10,000 rounds may not be perceptible to you on most platforms. However, while we permit users to increase their rounds all the way to 200,000 rounds, you may start to notice problems when logging in via certain browsers or platforms when you go above 5,000 rounds. For example, Internet Explorer 7 will be very slow with such a high number of rounds. Logging into m.lastpass.com on a smartphone (where the rounds are done in JavaScript only) may not work at all.
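A small benchmark for the trade-off the note describes, added here as an example and not part of the original article or of LastPass's software. It measures how long one full PBKDF2 derivation takes on the machine it runs on, for SHA-1 and SHA-256 at several round counts, and picks the largest candidate round count that stays within a login-delay budget you choose. The candidate list and the budget are assumptions; the point it makes is the article's own: round counts are only comparable together with the hash function, and the right count depends on the slowest platform you log in from.

```python
import hashlib
import time

# Constructed sample inputs; the round counts follow the article's discussion
# (older accounts, the 5000 default, the 10,000 recommendation, the 200,000 cap).
SAMPLE_PASSWORD = b"correct horse battery staple"
SAMPLE_SALT = b"user@example.com"
CANDIDATE_ROUNDS = (500, 1000, 5000, 10000, 200000)


def time_pbkdf2(hash_name: str, rounds: int, repeats: int = 3) -> float:
    """Seconds for one PBKDF2-HMAC derivation with the given hash, best of `repeats`.

    Taking the minimum filters out scheduler noise; this is the per-check cost a
    login pays and, by the same token, the cost of one guess in a brute-force run.
    """
    best = float("inf")
    for _ in range(repeats):
        start = time.perf_counter()
        hashlib.pbkdf2_hmac(hash_name, SAMPLE_PASSWORD, SAMPLE_SALT, rounds, dklen=32)
        best = min(best, time.perf_counter() - start)
    return best


def cost_table(rounds_list=CANDIDATE_ROUNDS):
    """{rounds: {"sha1": seconds, "sha256": seconds}} for each candidate count."""
    return {
        r: {"sha1": time_pbkdf2("sha1", r), "sha256": time_pbkdf2("sha256", r)}
        for r in rounds_list
    }


def rounds_within_budget(hash_name: str, budget_seconds: float,
                         rounds_list=CANDIDATE_ROUNDS):
    """Largest candidate round count whose measured login cost fits the budget.

    Returns None when even the smallest candidate is over budget. Run this on the
    slowest device you actually log in from, since that device sets the limit.
    """
    fitting = [r for r in rounds_list if time_pbkdf2(hash_name, r) <= budget_seconds]
    return max(fitting) if fitting else None


if __name__ == "__main__":
    table = cost_table()
    print(f"{'rounds':>8} {'sha1 (s)':>10} {'sha256 (s)':>12}")
    for r, cost in table.items():
        print(f"{r:>8} {cost['sha1']:>10.4f} {cost['sha256']:>12.4f}")
    # Assumed budget: half a second of added login delay.
    print("largest round count under 0.5 s with SHA-256:",
          rounds_within_budget("sha256", 0.5))
```

On a typical desktop, 5000 SHA-256 rounds complete in a few milliseconds, which is why the article calls the change to 10,000 imperceptible there; the JavaScript mobile case it warns about is exactly where this measurement should be taken before raising the setting.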