I really do not understand how people can use those services. It is just so easy: Either someone from LastPass or a hacker changes the JavaScript of the website (very easy) or the software via update (little harder but happened already lots of times before). Then as soon as the user logs in (2 factor won’t help), the…