I was quite surprised to see your extension, it is very similar to my Easy Passwords extension in both concept and design. I've had a brief look at the source code and I guess that it was a completely unrelated development after all?
Please increase the number of iterations, PBKDF2 with 8192 iterations is a very bad idea in year 2016. I would consider 100k iteration the lower limit, my Easy Passwords extension uses 256k. For reference, I described the threat scenario here:
Note that LastPass isn't a good example when it comes to security-relevant decisions. If you are interested, I published a lengthy writeup under https://security.stackexchange.com/a/137307/4778.
I don't think that this is sufficient as long as 8192 is still the default. Personally, I don't think that exposing the number of iteration is a good idea at all - users have no way of knowing how much is enough. Frankly, it took me quite a while to find out what contemporary hardware (especially GPUs) is capable of and how many iterations should be considered safe today.
LessPass starts with 8192 iterations. I prepare the code to increase this number, I will not let users change it. We are creating an interface to change master password and then we will plan a LessPass version change (with a number of iterations changes)
Please increase the number of iterations, PBKDF2 with 8192 iterations is a very bad idea in year 2016. I would consider 100k iteration the lower limit, my Easy Passwords extension uses 256k. For reference, I described the threat scenario here:
https://palant.de/2016/04/20/security-considerations-for-pas...
Note that LastPass isn't a good example when it comes to security-relevant decisions. If you are interested, I published a lengthy writeup under https://security.stackexchange.com/a/137307/4778.