What is dark web monitoring?

The dark web monitoring feature evaluates all of your stored email addresses in your Vault items, and alerts you immediately – via email notification and within the Security Dashboard – if any of your email addresses have been found in the database of breached credentials.

Watch Video

If you have compromised email addresses, you are guided through steps to change your password for the site associated with the breach. You can also manage the email addresses you want to exclude from being monitored. Learn how to enable dark web monitoring and manage your dark web monitoring alerts.

You can stop monitoring any email addresses that you want to exclude, but if you change your mind, you can always start monitoring the email address again so it is included in dark web monitoring.

A hashed version of your email addresses will be monitored and will not be used for any purpose other than monitoring for security breaches.

Please note that for individually shared items, the email address associated can only be monitored within the sharer's Security Dashboard. For example, if you share a Vault item that has a monitored email address, it will only be monitored within your own Security Dashboard. Alternatively, if a Vault item is shared with you, then the email address will only be monitored within the sharer's Security Dashboard and not yours.

Additionally, shared folder items (i.e., items within a shared folder that have been shared with you) that have email addresses associated with stored site password entries will not be monitored.

Note: This feature is not available in the LastPass Password Manager apps for iOS and Android, however, mobile users can run the Security Challenge on their device if they are subscribed to a LastPass Premium, Families, Teams, or LastPass Business plan.


This feature is not available for LastPass Free users. Learn how to upgrade to LastPass Premium, or view LastPass plans and pricing for feature information.

Only 100 email addresses are monitored.