I guess they should change their motto, huh?
"LastPass. The TWO last passwords you'll ever need"
As they will whoever finally succeeds in hacking LastPass.
Sad truth is, something like LastPass is such a visible and high value target for a team of criminal hackers that it's only a matter of time and resources.
Even encryption is becoming less and less effective as advances in hardware and clustering technologies are bringing capabilities that were once the domain of multi-million dollar supercomputers down to the desktop level. Most cryptography will eventually go the way of the dodo bird.
Nobody can even dismiss '"brute force" cracking techniques as being impractical any more. Today's multicore CPUs make it an extremely workable crack for most passwords people are able to commit to memory. One decent computer plus some free software (easily found and downloaded from the web) can get you past 99% of the passwords most people come up with. Even the so-called "strong" passwords. 10 or more characters? Piece of cake! Mix of uppercase, lowercase, numbers and symbols? No problem - got it covered! No "dictionary" words? Don't make us laugh...
Dangerous world out there. Watch where you put your keys.
P.S. I had a client's employee lock him out of a set of company spreadsheets after the employee was informed he might get laid off. Must have thought doing that would get him some job security rather than realizing it's a felony in many places. This employee used a complex 16-character highly randomized password to lock those files.
It took an i3 laptop and some open source freeware less than ten minutes to crack it.Hayduke Lives!