A set of three or more words that are unusual together is more secure than a short complex password that you invented yourself. Because you can't store LastPass's master password in LastPass, you should think of a way to make a memorable result. Some experts suggest phrases or unlikely conjunctions: you were running in the woods and stubbed your toe when you saw a unicorn becomes "runs stubbed unicorn". It would take on the order of a quintillion password checks to get to that result.
LastPass wasn't just lucky. Their preparations paid off. I'm looking forward to learning more about just how their systems were penetrated, and I hope in the interests of transparency, the company will provide more details. But it's nice for once to see that an ounce of prevention was worth a million tons of cure.
Sign up for CIO Asia eNewsletters.