Hello,
I am an avid user of your product and have been since LastPass lost their way and screwed everyone over with their price hikes. I have a suggestion to improve the security of your product even more. Currently, we can access our vault online and our account info is our email and then our password. Seeing as how people can get our email from public places, the bad guys have half of the login info. Would it be possible to incorporate some kind of userid system instead of or in addition to the email, so that the attack surface can be reduced and make it more difficult for the bad guys. This is especially important for accessing our vault on your website. Yes, I know about 2FA, but I am asking for security to be even further and to move away from the email address logins.
Thoughts?
Jeff