Shared folders permissions

cancel
Showing results for 
Search instead for 
Did you mean: 

Shared folders permissions

Shared folders permissions

Hi LastPass Team,

 

We have many logins that we need to share between departments.

I dont want to create duplicate items incase a password reset is needed or details need chaning and then you need to keep track of all the copies which is not a good option.

You have recently added a feature to add users to folders and grant them access to only specific logins which is great by the way!

Unfortunatly once you ad a user to the folder (Which might have subfolders) they are added as an allow all rule to have access to all the items in the folder. There is no option to add a user to the folder with a deny all and then grant access to the logins that they need access to.

This is highly unsecure! As I dont want to grant access to all the logins in the folder, I might only need to grant acces to 3 items out of 100. It is such a shame this feature has not been implemented to have the option when you add a user to a folder to either allow access to all passwords or deny all, in which you would need to manually add the logins they need. 
In addition even when I manualy deny all and add the logins to the users that they need access to,  any new login created for that folder all the users automaticly get them added to their allow list... also great if it is for a user who has access to all the logins. But doesnt make sense when you are allowing a users to only access a few logins and i will need to remove access to all the users in the folder that are not supposed to have access to the new login that was created.

Not secure and very easy to forget to do when adding many logins to a shared folder.

Please let me know if this feature can be added asap or if there is a suggestion from you how to best managed shared items,

Kind regards,
Leead

1 Comment
JayMeIn
Active Contributor

Totally agree that there needs to be a way to add a user to a folder while sharing NONE of the logins in the folder until you specifically select which ones to share. Sharing all as an UNCHANGEABLE default is totally insecure.

 

But the security hole is even larger because if the user doesn’t have a LastPass account yet then you have to wait until they create an account, at which point they will have access to all passwords in the folder before you can go back in and restrict to only those selected. Incredible that LastPass missed this GIANT SECURITY HOLE.

 

(Note that unless it has changed recently, for me, if I have a user for whom I am specifying a list of passwords in a folder to share, adding a new password correctly does NOT share the password with the new user. Doing so would be terrible and expose all kinds of passwords.)