Recent LassPass master password breach....

Community Member

which I originally was alerted from

I wanted to ask what 1P staff thinks is the likely attack venue for the compromised passwords?

and how would 1P handle this better.

1Password Version: 8.4.1
Extension Version: 2.1.4
OS Version: win10 x64 ltsc


  • Hi @4EverMaAT

    1Password isn't impacted by the recent credential stuffing attempt on LastPass. LastPass itself doesn't appear to have been compromised, and according to them, the security alerts that were sent out were accidental. With that being said, 1Password protects you against similar credential stuffing attacks in the form of the Secret Key. Your Secret Key is long, random, and unique, which ensures that guessing attacks won't work on a 1Password account: About your Secret Key

    Both your 1Password account password and your Secret Key are required in order to decrypt the data within your 1Password vault, and so an attacker without both, in full, would be unable to compromise your 1Password account. 1Password also offers optional two-factor authentication, which would protect you even if an attacker somehow acquires both your account password and your Secret Key at once.

    I hope that helps!


This discussion has been closed.