HELP FILE
Why does my password strength and security score change?
LastPass uses the industry-standard zxcvbn library to assist in calculating each password's strength. As a result, your individual passwords' strength and your security score for all of your passwords in your vault may vary. Individual password strengths can be 0-25-50-75-100 while the security score can be anywhere between 0-100.
How is password strength calculated?
The password strength for each of the passwords in your vault are calculated using the
zxcvbn library, and provides results outlined in the table below.
Note: The password strength percentage displayed (when you view at-risk passwords in the Security Dashboard) may show a different value than those listed below if the password has been reused on multiple site password entries in your vault (e.g., if a very strong password has been reused on 3 separate password entries, the score will be 33% because a password strength score of 100% ÷ 3 = 33%).
Password Strength | Score in zxcvbn | Password Strength in Vault |
---|---|---|
Very weak | 0 | 0% |
Weak | 1 | 25% |
Average | 2 | 50% |
Strong | 3 | 75% |
Very strong | 4 | 100% |
Password strength is displayed when you do any of the following:
- Create a new account
- Reset your master password
- Generate a secure password
- Add a new site password
- View your Security Dashboard, which includes your security score
- View your Password Security page to see at-risk passwords in your vault
- Access the Admin Console and view user details, security reports, and policies (for LastPass Teams and LastPass Business accounts only)
How is the security score calculated?
Your security score is a combined rating of how strong your passwords generally are – meaning their overall length and complexity – with the highest possible score being 100 points. However, in order to get a perfect score, you must have at least 50 site passwords stored in your LastPass vault.
Your security score is calculated using a scale that is outlined in the table below.
The following settings affect your overall security score:
Rating | Security Score (Combining Various Factors) |
---|---|
Low | 0 ≤ X < 50 |
Average | 50 ≤ X < 75 |
High | 75 ≤ X < 100 |
Highest | X = 100 |
- The total number of secure passwords you have stored in your vault – must have at least 50 passwords stored in order to pass with a perfect score of 100 points.
- Whether or not you have enabled multifactor authentication accounts for 10 points. Learn how to enable.
- Permitting offline access deducts 1 point.
- Allowing unrestricted mobile devices to access your vault deducts 1 point.
- Allowing trusted devices to skip multifactor authentication prompts deducts 1 point.