If I find out that my password was in a data breach this would be the easiest way to reset the password for all of those accounts.
Hello @LastPass User
Welcome to the LastPass Community!
I'll be happy to assist on your inquiry, in this case if you would like to monitor your passwords we do offer the option to enable darkweb monitoring: https://support.lastpass.com/s/document-item?bundleId=lastpass&topicId=LastPass/sd_dwm_start_monitoring.html&_LANG=enus
I hope this helps and if there's any further question or request please let us know.
I have the same issue as the OP and I don't understand the reference to Dark Web Monitoring.
It's a very simple question: if I find out that my password "ABC123" was part of a data breach, how can I search across my entire Vault to identify every record where that password is used, so I can change it?
At present that does not seem to be possible? Is there a way of doing this?
Thanks
I agree with the other LP Users. Being able to search by password is a crucial function for revoking exposed passwords.
I have identity tracking services that can report exposure on the dark web but provides only the username and password - not the domain(s) it was exposed from. Right now I have a known exposed password but no way to discover if that password is still in use or what domain it was used at.
It should be possible to search both currently active passwords as well password histories. This would allow me, the customer, to determine if an exposed password has already been remediated or not.
ALSO the exposed password is associated with an email address that is already being monitored by the LastPass Dark Web monitoring service, but the LP service is not flagging an exposure. SO which service is right? The identity service that is flagging the exposed password across 3 lists on the dark web or LP's scan which may have missed the exposure or simply determined the exposed password isn't in my vault?
Furthermore, what if the exposed password is associated with a non-email username? LP Dark Web monitoring doesn't seem to have a way to monitor this.
The easiest way for me as the customer to figure this out is to just give me a way to securely search by password to determine if any accounts in my vault are compromised.
This is understandable. I'd say the ability to search for passwords within the Vault would be an excellent idea for LastPass enhancement.
AshC_LP - thank you for your reply. As a LastPass employee are you able to confirm to us whether this feature is now in the development request queue and whether there is a timescale for implementation? If not yet in the queue, what can we users do to get it there?
Thank you
