Your encrypted data is actually meaningless to LastPass and to everyone else without the decryption key. This key is created from your email address and Master Password. Your Master Password is never sent to LastPass or MIT, only a one-way hash of your password when authenticating, which means that the components that make up your key remain local. LastPass also offers an array of advanced security options that let you add more layers of protection for your organization.
- All sensitive data is encrypted locally
- They use government-level encryption
- Only your users know the key to decrypt their data
- No more using your browser’s insecure password manager