What is considered an "old" password?

cdanmyers

Lastpass Security Dashboard says that it flags "old" passwords under the list of "at-risk" passwords. I'm pretty sure that some of my passwords are fairly old (years, not months) but right now now none are flagged as at-risk because they are old.

Is this intentional? Are old passwords no longer considered a security risk, or is the threshold for "old" just really, really old. I know that the consensus among security professionals is that requiring frequent password changes is counterproductive, but I did appreciate the feature of the old security challenge that told you which of your passwords were over a year old (at least, if I'm remembering it correctly).

rachael.orovets

Hello@"dan1983",

We have recently be updatedour password strength calculations to keep up with ever-changing cybersecurity best practices. These calculations may change users' security scores - and we encourage users to explore and address any new alerts. As noted here, password age is no longer a major factor in password risks as changing passwords often isn't recommended when a secure password is used (unique, randomly generated, etc.)

For more information on these changes please see the support article here:https://support.logmeininc.com/lastpass/help/why-does-my-password-strength-and-security-score-change