Viewing a single comment thread. View all comments

wpalant t1_j1vwns9 wrote

Disclaimer: I’m the author of the article linked by the OP.

I’m sorry to be telling you this but it’s too late for changing the master password now. It’s the master password in use when the data leaked that matters.

On the bright side: it isn’t very likely that the passwords of a regular “nobody” will be decrypted. I’ve outlined the considerations here: https://palant.info/2022/12/23/lastpass-has-been-breached-what-now/

However, if you want to mitigate the risk, there is no way other than changing passwords now. Especially passwords of high-value websites (banking accounts, shopping sites etc.).

16