Does anyone know of LP performs any kind of 'password stretching', which would make it computationally much harder to brute force the master password on a vault?
LP use PBKDF2 to produce a 256 bit key from your alphanumeric password regardless of the length of your password but that is not going to make your 6 character password into a 25 character password.
You really must use a long random complicated master password. https://support.lastpass.com/help/what-is-the-lastpass-master-password-lp070014
That is good to know. I ask since something like PBKDF2 increases the computational cost for each decryption attempt, so provides some additional protection.
