Notably, in late 2022, user data, billing information, and vaults (with some fields encrypted and others not)[a][8] were breached, leading many security professionals to call for users to change all their passwords and switch to other password managers.

The content is synchronized to any device the user uses the LastPass software or app extensions on.

The company was combined under the LastPass brand with a similar product, Meldium, which had already been acquired by GoTo.

[7][24] In March 2009, PC Magazine awarded LastPass five stars, an "Excellent" mark, and their "Editors' Choice" for password management.

[25] A new review in 2016 following the release of LastPass 4.0 earned the service again five stars, an "Outstanding" mark, and "Editors' Choice" honor.

[30][31][32] In a 2017 Consumer Reports article commented LastPass a popular password manager (alongside Dashlane, KeePass, and 1Password), with the choice between them mostly down to personal preference.

[35] Also, at the end of 2021, an article at the site BleepingComputer reported that LastPass users were warned that their master passwords were compromised.

[38][39] In November 2022, LastPass assured users that passwords stored with the service were still secure.

[44] Commentators expressed concerns that if a user's master password was weak or leaked,[38] the encrypted parts of the customer's data could be decrypted.

[45] Initially, LastPass stated no action was necessary for the majority of its customers,[46] but other sources recommended changing all passwords and vigilance against possible phishing attacks.

[38][47] A class-action lawsuit was initiated in early 2023, with the anonymous plaintiff stating that LastPass failed to keep users' information safe.

[48] In September 2023, a potential link was made between the 2022 data theft and a total of more than $35 million in cryptocurrency that had been stolen from over 150 victims since December 2022.