I encountered a quite juicy security leak regarding shared credentials. In LastPass you have the option to share credentials but hiding the actual password from the receipient's eyes. But if you log into any web account using this credentials via LastPass the browser will ask to store the credentials in it's local / shared database. From there (e.g. Chrome settings) you are able to view the password.
Is there any way to prevent this? (Although I can imagine that LastPass does not have an influence on that)