LastPass Login Process

A flow chart describing a typical (and simplified) LastPass login process. This is based on both LastPass official documentations and their extension JavaScript source code.

salt
salt
Password
Password
Email
Email<br>
PBKDF2
PBKDF2
Vault Key
Vault Key
PBKDF2
PBKDF2
Login Hash 1
Login Hash 1
Login Hash 2
Login Hash 2
PBKDF2
PBKDF2
Login Hash 2
Login Hash 2
Salt
Salt
Compare
Compare
If matched
If matched
Session ID
Session ID
Session Key
Session Key
Session ID
Session ID
Session Key
Session Key
Retrieve
Retrieve
Encrypted Vault
Encrypted Vault
Encrypted Vault
Encrypted Vault
Session ID
Session ID
Decrypt
Decrypt
Decrypted Vault
Decrypted Vault
Encrypted Vault Key
Encrypted Vault Key
Encrypt
Encrypt
Email
Email<br>
Encrypted Vault
Encrypted Vault
Authenticate
Authenticate
Start Session
Start Session
Client Side RAM
Client Side RAM
Server Side RAM
Server Side RAM
Client Side Storage
Client Side Storage
Server Side Storage
Server Side Storage
Email
Email<br>
Persistent Storage
Persistent Storage
Cookies
Cookies
Randomly Generate
Randomly Generate
salt
salt
salt
salt
key
key
key
key
Session ID
Session ID
Email
Email<br>
Encrypted Vault Key
Encrypted Vault Key
Encrypted Vault
Encrypted Vault
Session ID
Session ID
Email
Email<br>
Compare
Compare
Retrieve
Retrieve
Session Key
Session Key
If matched
If matched
Vault Key
Vault Key
key
key
Decrypt
Decrypt
Decrypted Vault
Decrypted Vault
key
key
Decrypt
Decrypt
Recheck Session
Recheck Session
Resume Session
Resume Session
Browser / Computer Restart
Browser / Computer Restart
Start with
User Input
[Not supported by viewer]