product icon

How do I change passwords associated with compromised email addresses for dark web monitoring?

    If you received a dark web monitoring alert that an email address has been compromised, you should immediately change the password associated with site entry for the compromised email address.

    Restriction: If you have a LastPass Teams or LastPass Business account, the ability to perform these actions may be limited or prohibited due to policies enabled by your LastPass admin.
    Note: This feature is not available for LastPass Free users. Learn how to upgrade to LastPass Premium, or view LastPass plans and pricing for feature information.
    Before you begin: You must have already enabled dark web monitoring.
    1. Log in and access the LastPass Security Dashboard by doing either of the following:
      • While logged in to LastPass, click the active LastPass icon active LastPass icon in your web browser toolbar, then select Security Dashboard in the menu.
      • Log in at with your email address and master password, then select Security Dashboard in the left navigation.
    2. In the Dark Web Monitoring pane, a list of all the email addresses stored in your vault is displayed, and each email address is tagged with one of the following statuses:
      • Compromised
      • Secure
      • Not Monitored
      Note: When you access the Security Dashboard, the most recently reported dark web monitoring alert is displayed in the right navigation.
    3. Click View alert next to the desired compromised email address to display the dark web monitoring alert and details in the right navigation.
    4. The following details are included in each dark web monitoring alert:
      • Date when LastPass was notified that your email address was compromised
      • Breached site
      • Email address associated with the breached site
      • Compromised data (email addresses, passwords, etc.)
    5. Click Change password.
    6. You are redirected to the breached site associated with your compromised email address.
      Note: If the password associated with your compromised email address has been reused for other sites, please be sure to change your password for those sites as well.
      Security Dashboard with dark web monitoring alert example
    7. From here, you can either log in to the site (using your existing password) and change the site password within your user account settings, or use the Forgot Password recovery flow to change your password.
    8. Once your password has changed, you will be prompted by the LastPass web browser extension (if logged in) to click one of the following:
      • Update to change the site password entry in your LastPass vault.
      • Add to add the site password entry to your LastPass vault for the first time. This occurs when your email address is found to be breached on a site that has not yet been added to your vault.
    9. Return to your LastPass vault.
    Results: Your password has been updated on both the breached site and within your vault, and your email address now displays a "Secure" status and is no longer considered compromised.