Viewing a single comment thread. View all comments

mrDragon616 t1_j85fdig wrote

Wouldn't that be the same as a hash password? Or wouldn't it be better if everything was hashed as opposed to it being encrypted by it's master password?

2

jmpalermo t1_j85g5cn wrote

Hashed passwords are only useful for verifying somebody has the password. So if you are a website, you store only a users password hash, then when they try to sign in, you hash the password they’re logging in with to verify it matches.

You can’t reverse a hash back into the original password though.

So for you to be able to retrieve your passwords from LastPass, the password must be stored, not just the hash.

1