If you use LastPass, they suffered a security breach which has resulted in crypto-secured passwords being stolen (along with other user-data). In short - you should be safe due to the nature of the service (your key was never actually supplied to their server aside for one time unlocking), but change your passwords regardless where appropriate. In long, you should possibly swap to offline / custom storage, such as KeePass 2 (http://keepass.info/). Source: http://arstechnica.com/security/201...-lastpass-exposes-encrypted-master-passwords/