Showing results for 
Search instead for 
Did you mean: 
New Contributor

Lastpass's password requirements are harmful

Lastpass's password requirements that require a capital letter, number, and symbol are 90s level password requirements that are massively out of date and unacceptable for a product who's whole job is passwords. 

(link removed as it looks like promotion GlennD)


Passphrases are the modern best practice and your password requirements make it impossible to use this best practice because the best practice is to *not* use capitals, numbers, or symbols, but simply a series of correctly spelled lower case words. Four words will provide enough security for most things, and 5 words is basically impenetrable. Requiring all these things about your lastpass master password makes it harder to type, harder to remember, and generally less secure. 


Please remove these harmful password restrictions and update your recommendations to have people create proper passphrases instead of old timey passwords.