LastPass is a zero-knowledge password manager that encrypts your vault locally before syncing across devices, ensuring only you can decrypt your credentials with your master password. It operates within the broader password management ecosystem, solving the problem of password reuse and weak credentials by generating, storing, and autofilling unique passwords for every account. A critical insight: LastPass uses PBKDF2-SHA256 with customizable iterations (default 600,000 for new accounts) to derive your encryption key—older accounts created before 2023 may have lower iteration counts (5,000 or 100,100) and should manually increase this setting in Account Settings > Show Advanced Settings > Password Iterations to improve security against brute-force attacks.
What This Cheat Sheet Covers
This topic spans 18 focused tables and 148 indexed concepts. Below is a complete table-by-table outline of this topic, spanning foundational concepts through advanced details.
Table 1: Vault Item Types
Understanding what LastPass can store beyond plain passwords unlocks most of its value—each item type is encrypted identically with AES-256 and your master password, so storing sensitive non-password data here is far safer than plain text files or notes apps.
| Type | Example | Description |
|---|---|---|
Site: example.comUser: user@mail.comPass: •••• | • Stores login credentials with URL, username, password, and optional notes • supports custom form fields for multi-step logins. | |
Type: Bank AccountAccount: 1234-5678PIN: 9876 | • Encrypted free-text storage with predefined templates (Bank Account, Credit Card, SSN, etc.) or custom templates • supports file attachments up to 10 MB each. | |
Card: **** 1234Exp: 12/24CVV: 123 | • Autofills credit/debit card details during checkout • encrypted like all vault data. | |
Name: John DoeAddress: 123 Main StPhone: 555-0100 | • Form fill profile for shipping/billing addresses, phone numbers, and personal details • multiple profiles supported. | |
Site: github.comPasskey: FIDO2 credential | • Stores FIDO2/WebAuthn passkeys for passwordless authentication • syncs cross-platform unlike browser-stored passkeys. |