How do I change passwords associated with compromised email addresses for dark web monitoring?

If you received a dark web monitoring alert that an email address has been compromised, you should immediately change the password associated with site entry for the compromised email address.

Before you begin: You must have already enabled dark web monitoring.
  1. Log in to LastPass and access your Vault by doing either of the following:
    • In your web browser toolbar, click the LastPass icon active LastPass icon, then select Open My Vault.
    • Go to and log in with your email address and Master Password.
  2. Select Security Dashboard in the left navigation.
  3. In the Dark Web Monitoring pane, a list of all the email addresses stored in your Vault is displayed, and each email address is tagged with one of the following statuses:
    • Compromised
    • Secure
    • Not Monitored

    Note: When you access the Security Dashboard, the most recently reported dark web monitoring alert is displayed in the right navigation.

  4. Click View alert next to the desired compromised email address to display the dark web monitoring alert and details in the right navigation.
  5. The following details are included in each dark web monitoring alert:
    • Date when LastPass was notified that your email address was compromised
    • Breached site
    • Email address associated with the breached site
    • Compromised data (email addresses, passwords, etc.)
  6. Click Change password.
  7. You are redirected to the breached site associated with your compromised email address.

    Note: If the password associated with your compromised email address has been reused for other sites, please be sure to change your password for those sites as well.

  8. From here, you can either log in to the site (using your existing password) and change the site password within your user account settings, or use the Forgot Password recovery flow to change your password.
  9. Once your password has changed, you will be prompted by the LastPass web browser extension (if logged in) to click one of the following:
    • Update to change the site password entry in your LastPass Vault.
    • Add to add the site password entry to your LastPass Vault for the first time. This occurs when your email address is found to be breached on a site that has not yet been added to your Vault.
  10. Return to your LastPass Vault.

    Result: Your password has been updated on both the breached site and within your Vault, and your email address now displays a Secure status and is no longer considered compromised.