[Since LastPass has been recommended as a temp. solution for FF users and so many appear to be using it, I felt this warning to be appropriate here]

"LastPass users could be tricked into giving away their login details, because of a design flaw that has been described as “hard-to-fix and easy-to-exploit”.

The flaw, dubbed ‘LostPass’, puts users at risk of phishing attacks and is said to be capable of bypassing two-factor authentication, making it a serious security risk........"

http://www.itpro.co.uk/security/25878/lastpass-phishing-hack-could-trick-users-into-giving-away-their-password