Security and privacy are the foundation of our business. Check the features and settings that LastPass uses to deliver a best-in-class product.
All user data collected by LastPass is stored using best-in-class security and procedures, and when used by LastPass in the course of delivering our service, is done so in an aggregated way that does not put our users at risk.
As with all LastPass data, this information is securely synced to LastPass servers. We use firewalls, secure transfer protocols, and industry-standard practices to protect the servers and service, as well as regular third-party audits for outside review and validation of our security and privacy measures. Any other personally identifiable vault data (for example, usernames, passwords, information in notes, name of entries, values for form fields) is encrypted using our local-only encryption model, in which LastPass never knows your master password and never has access to personal information stored in your vault.
For more information on LastPass security, see the LastPass Technical Whitepaper (PDF).
For more information about our commitment to privacy and security, visit our LastPass Legal Center and review our Global Privacy Policy.
