"Instead password strength meters measure entropy - the amount of time or energy needed to crack a password using brute force methods. The longer and more complex the password, the longer it will take to crack by simply iterating through a list of all possible passwords. According to Stockley, however, brute force is a password cracker's last resort."
""All passwords are Diceware generated and contain six words," Mira says on her website. "I write the passwords by hand and do not keep a copy of what I have sent to you. The passwords are sent by U.S. Postal Mail, which cannot be opened by the government without a search warrant." She also recommends you alter the pass phrase slightly after she sends it to you."
"If you use the default settings above, it would take millions of years to guess your master password using generally-available password-cracking technology. Your sensitive vault data, such as usernames and passwords, secure notes, attachments, and form-fill fields, remain safely encrypted based on LastPass' Zero Knowledge architecture. There are no recommended actions that you need to take at this time. "
"A dump called "Collection #1" has been released by parties unknown, containing email addresses and cracked passwords: in its raw form, it contains 2.7 billion records, which Troy "Have I Been Pwned" Hunt (previously) de-duplicated to come up with 773 million unique records -- of those 140,000,000 email addresses and 10,000,000 passwords have never been seen in the HaveIBeenPwned database before."
Justin Engler and Paul Vines will demo a robot called the Robotic Reconfigurable Button Basher (R2B2) at Defcon; it can work its way through every numeric screen-lock Android password in 19 hours.