In September 2010, ElcomSoft announced a password cracking utility for Research In Motion BlackBerry device backups that takes advantage of what Vladimir Katalov, ElcomSoft's CEO, described as the "very strange way, to say the least" in which the BlackBerry uses PBKDF2. The BlackBerry encrypts backup files with AES-256. In turn, the AES key is derived from the user's password using PBKDF2. However, the BlackBerry software uses only one PBKDF2 iteration, so recovering the key from a guessed password costs the attacker a single HMAC evaluation per guess. By contrast, according to Katalov, Apple's iOS 3 uses 2,000 iterations and iOS 4 uses 10,000.
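To make the iteration count concrete, the following is an added example (not ElcomSoft's tool, nor BlackBerry or Apple code): a textbook PBKDF2 written out next to Python's hashlib implementation, a check that with one iteration PBKDF2 collapses to a single HMAC over salt || INT(1), and a small offline dictionary attack whose per-guess cost scales with the iteration count. HMAC-SHA256, the salt and the word list are assumptions chosen for the demonstration; the page does not state which PRF or salt the BlackBerry backup format uses.

```python
import hashlib
import hmac
import struct
import time

# Constructed sample inputs (assumptions for the demo, not values from any real backup).
SALT = b"constructed-salt-0123"
WORDLIST = [b"password", b"letmein", b"blackberry", b"correct horse", b"hunter2"]
DKLEN = 32


def pbkdf2_hmac_sha256(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """Textbook PBKDF2 (RFC 8018) over HMAC-SHA256, written out to show the c-iteration loop."""
    hlen = hashlib.sha256().digest_size
    out = b""
    block_index = 1
    while len(out) < dklen:
        # U_1 = PRF(P, S || INT(i)); T_i = U_1 XOR U_2 XOR ... XOR U_c
        u = hmac.new(password, salt + struct.pack(">I", block_index), hashlib.sha256).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha256).digest()
            t ^= int.from_bytes(u, "big")
        out += t.to_bytes(hlen, "big")
        block_index += 1
    return out[:dklen]


def derive_key(password: bytes, salt: bytes, iterations: int) -> bytes:
    """Reference derivation using the standard library."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=DKLEN)


def single_hmac(password: bytes, salt: bytes) -> bytes:
    """What an attacker computes per guess when c = 1: one HMAC over salt || INT(1)."""
    return hmac.new(password, salt + b"\x00\x00\x00\x01", hashlib.sha256).digest()


def crack(target_key: bytes, salt: bytes, iterations: int, wordlist) -> tuple:
    """Offline dictionary attack: derive a key for each candidate and compare.
    Returns (recovered_password_or_None, number_of_guesses_tried)."""
    tried = 0
    for cand in wordlist:
        tried += 1
        if hmac.compare_digest(derive_key(cand, salt, iterations), target_key):
            return cand, tried
    return None, tried


def guesses_per_second(iterations: int, samples: int = 200) -> float:
    """Rough single-core guess rate for a given iteration count (timing only, for the reader)."""
    start = time.perf_counter()
    for i in range(samples):
        derive_key(b"guess%d" % i, SALT, iterations)
    return samples / (time.perf_counter() - start)


if __name__ == "__main__":
    secret = b"blackberry"
    for c in (1, 2000, 10000):
        key = derive_key(secret, SALT, c)
        found, tried = crack(key, SALT, c, WORDLIST)
        print(f"c={c:>5}: recovered {found!r} after {tried} guesses, "
              f"~{guesses_per_second(c):,.0f} guesses/s on this machine")
```

The timing figures are machine dependent, but the ratio between c=1 and c=10,000 is the point: every extra iteration is one more HMAC the attacker must compute per guess, so the iteration count is a direct multiplier on dictionary-attack cost.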
As it turns out, LastPass by default used only 1 iteration too, so now we have several thousand users online with a 1-iteration encrypted vault only. They have to manually go to settings and change the iterations, and as we know, 99% will not do that.
How come LastPass didn't know about that weakness until now?