HELP FILE
How does LastPass handle brute force or dictionary attacks against my account?
LastPass stores a record of each login failure on a global and per IP basis.
If attempts pass a threshold of failures, LastPass will ensure the account becomes locked out. LastPass also supports a global lockout threshold if someone distributed an attack against your entire account. This does not impact you logging into your locally-cached copy of your vault data, and LastPass will send an email notification if this happens.