
This claim looks strange.

A 16-character password from all character types can’t be broken.

How could hackers break the vault, with end to end encryption and such password?



A _random_ 16-character password from all character types can't be brute-forced. A password made from common dictionary words, with numbers substituted in with l33tsp3ak, and an exclamation mark on the end, is a different story. Passwords like that would be sitting in precomputed hash lists already.


The hash would only be sitting in precomputed lists if LastPass did not salt the passwords first. It's my understanding that they did.


Ah, we both went on a tangent. The password in question is to the twitterer's LastPass vault, and so a precomputed hash list would be of no use, and since it's an encryption key and not a hash, there is nothing to salt.

I suppose the point was more that faced with many users' LastPass vaults there are more likely and less likely keys -- but they'll still have to try the keys.


Read the tweets, explaining how they generated their password.


Faulty implementation of encryption, such as using a weak RNG
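Added example, not part of the thread: a rough strength estimate showing why the random versus dictionary-plus-l33tspeak distinction made above matters even when every key still has to be tried. The word list, `ASSUMED_DICT_SIZE`, the per-feature bit costs and both sample passwords are constructed assumptions, not values from the thread.

```python
import math

# Constructed mini word list; ASSUMED_DICT_SIZE stands in for a real common-words list.
WORDS = {"dragon", "password", "monkey", "sunshine", "letme", "in"}
ASSUMED_DICT_SIZE = 20_000
UNLEET = str.maketrans({"4": "a", "@": "a", "3": "e", "1": "i",
                        "0": "o", "5": "s", "$": "s", "7": "t"})
SUFFIX_CHARS = "!?.#"

def segment(s):
    """Fewest WORDS entries that concatenate exactly to s, or None."""
    best = [0] + [None] * len(s)
    for end in range(1, len(s) + 1):
        for start in range(end):
            if best[start] is not None and s[start:end] in WORDS:
                if best[end] is None or best[start] + 1 < best[end]:
                    best[end] = best[start] + 1
    return best[-1]

def guess_bits(pw):
    """Return (model, bits): log2 of the guesses needed under the cheapest model."""
    brute = len(pw) * math.log2(95)            # 95 printable ASCII characters
    core = pw.rstrip(SUFFIX_CHARS)
    plain = core.lower().translate(UNLEET)     # undo case and l33t substitutions
    n_words = segment(plain)
    if not n_words:                            # None, or nothing left after the suffix
        return "brute-force", brute
    bits = n_words * math.log2(ASSUMED_DICT_SIZE)   # which words
    bits += sum(c in "aeiost" for c in plain)       # 1 bit per substitutable letter
    bits += n_words                                 # capitalised or not, per word
    bits += (len(pw) - len(core)) * 5               # each trailing symbol: 1 of 32
    return ("dictionary", bits) if bits < brute else ("brute-force", brute)

if __name__ == "__main__":
    for pw in ("Dr4g0nP4ssw0rd!!", "q7#Vx!2mZ@p9Lw$K"):   # constructed samples
        model, bits = guess_bits(pw)
        print(f"{pw}  {model:11s}  ~2^{bits:.0f} guesses")
```

Both samples are 16 characters and use every character type, yet under these assumptions the structured one falls in a search space of roughly 2^47 guesses against roughly 2^105 for the random one.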



