Change your master password
The master password to your LastPass account allows access to everything in your account: all of your site passwords, secure notes, form fill items, and more. There is no limit for character length of the master password, but it is recommended that you use at least 12 characters and make sure it is memorable.
- Log in to LastPass and access your vault by doing either of the following:
- In your web browser toolbar, click the LastPass icon and select Vault or Open My Vault.
- Go to https://lastpass.com/?ac=1 and log in with your email address and master password.
- Select Account Settings in the left navigation.
- On the General tab under Login Credentials, select Change Master Password.
- Enter your current master password, then create a new master password and enter a password hint (recommended – this is a clue that is sent in a reminder email to help you remember your master password if it is ever forgotten).
Tip: We recommend using the following best practices when creating your master password:
- Use a minimum of 12 characters, but the lengthier the better
- Use upper case, lower case, numeric, and special character values
- Make it memorable, but not easily guessed (e.g., a passphrase)
- Make sure that it is unique only to you
- Don't use personal information
- Don't use sequential characters (for example, "1234") or repeated characters (for example, "aaaa")
- Make sure you don't use your master password for any other account or application
- Click Save Master Password.
Result: Your changes are saved, and you are logged out of LastPass.
- Log back in using your new master password.
- Log out of LastPass on every trusted computer and/or mobile device where you have installed LastPass and accessed your LastPass vault. You can check your active sessions for all devices.
- Log back in with your new master password.
Clear the browser cache on all web browsers where you accessed LastPass in order to clear the Recovery One Time Password that was created from accessing the LastPass website.
Generate new temporary, one-time passwords because all OTPs you generated previously are now invalidated and no longer listed due to your vault being re-encrypted from your master password change.