This is needed for LastPass Teams Shared Folders, but should apply for other kinds of accounts as appropriate. Currently when using "Invite Users or Groups:" to add a user to a shared folder, you can select Permissions of Read Only, Administrator, and Hide Passwords. Add a new permission you can select AT THE INVITE STAGE of "Add Available only (always add new items as Unavailable". This is needed because, as the system works now, there is a MAJOR SECURITY FLAW in the system now as it exists! Example: Create a folder with 4 records in it. Make it a Shared Folder. Share it with someone in your team. You can now click the wrench to edit their permissions, select "Add Available only (always add new items as Unavailable" and the select the records to share by dragging then to the right-hand column. Save that selection. Now invite a person who is NO in your team, or just who does not have sharing keys created. Once you invite them you are NOT able to edit their sharing permissions until they accept the invite and create sharing keys. This mean that if they create sharing keys THEY GET ACCESS TO EVERY RECORD IN THE SHARED FOLDER before you are able to restrict them to specific records. THIS IS A MAJOR SECURITY FLAW. Allowing the selecting of "Add Available only (always add new items as Unavailable" WITH the step of inviting the person then means that the person has access to ZERO records when they accept the invite and/or create their sharing keys instead of having access to EVERYTHING.
... View more