How do I view at-risk passwords in my LastPass vault?
LastPass helps you easily identify site passwords that are considered at-risk in your vault, then guides you through the process of changing those unsafe passwords on both the affected site and within your vault using our built-in secure password generator.
A password is considered "at-risk" if it is weak, reused, or missing for the site entry in your vault.
You can view these passwords that need attention from within your vault on the Passwords page, or from the Password Security page via the Security Dashboard.
Note: You can turn off "password at-risk" alerts displayed in your vault or in the browser extension. For more information, view How do I disable password alerts for at-risk passwords?.
View from the Passwords page
- Log in to LastPass and access your vault by doing either of the following:
- In your web browser toolbar, click the LastPass icon and select Vault or Open My Vault.
- Go to https://lastpass.com/?ac=1 and log in with your email address and master password.
- If prompted, complete steps for multifactor authentication (if it is enabled for your account).
- Select Passwords or All Items in the left navigation.
Result: All site password entries that need attention are displayed with a "Password at risk" indicator.
- To view the type of risk (i.e., weak, reused, or missing), select on the password entry.
Results: You have identified the at-risk passwords in your vault.
View from the Password Security page
- Log in and access the LastPass Security Dashboard by doing either of the following:
- While logged in to LastPass, click the active LastPass icon in your web browser toolbar, then select Security Dashboard in the menu.
- Log in at https://lastpass.com/?ac=1 with your email address and master password, then select Security Dashboard in the left navigation.
- In the Security Score pane, select View passwords.
Results: On the Password Security page, all at-risk passwords are displayed. If desired, you can use the "Filter by" option in the upper-right to display only weak, reused, or missing passwords.