We use LastPass Enterprise for our team. As new employees come on board, we create credentials for them for a bunch of the services we use. I'll use Google Cloud and CloudFlare as examples here.
So user John Doe joins, we create a shared folder called "John Doe" and share it with John. It's also shared with two LastPass administrators so that we have access (I'm one of these admins). In this folder are John's credentials for Google Cloud, CloudFlare, and others.
The problem for me is that when I go to login to Google Cloud, I see not only my credentials but also John Doe's credentials and the credentials of all other recent hires.
Questions:
- Is there a way to indicate that John Doe's credentials shouldn't be offered to me in the login fields for Google Cloud?
- Is there a way to indicate that none of the credentials in a specific folder should be offered as possible credentials? (while I can still retrieve via the LastPass Vault UI)
- Is there a better way to handle credentials for new employees?