Hide Passwords from Users

Customer forum for LastPass Enterprise

Moderators: azitnay, admin, anatoly_LP, chantieLP, robyn, JoeSiegrist

Hide Passwords from Users

Postby jmh78768 » Wed Mar 30, 2016 4:37 pm

This question may have an obvious answer, in which case, please excuse my ignorance. This is clearly robust software and the questions being asked are usually very detailed, and a pithy version of my question below was just ignored on the Webinar, so maybe it's a dumb one...

The Case: I have employees who need to login to websites with shared usernames and passwords. (These are proprietary customer websites where there is no way to get individual or additional usernames). I want the employee to be able to enter a single password on our company computer, such as a LastPass Master Vault Password (or some other LastPass password type if there are multiple levels) and have LastPass fill the username and password fields. However, I don't want them to be able to see what password LastPass just entered.

Example: Right now on my personal LastPass account, if I "login to LastPass", then I can go to a website that the information is stored for, I can click on the LastPass icon at the top of my browser, I can select "show matching sites" click on "copy password" and paste it into Word (and/or click on Edit, and then "show" and see the password).

Question: Is there a way to make it so that it fills in the password, but the user can't see what that password is?
Posts: 1
Joined: Wed Mar 30, 2016 4:08 pm

Re: Hide Passwords from Users

Postby jpenny84 » Thu Mar 31, 2016 11:31 pm

There are methods to restrict the viewing of shared passwords in the LastPass environment, but ultimately, after it is inserted into login fields in the browser, the password is subject to either viewing or capture by savvy users.
Posts: 8860
Joined: Tue Mar 06, 2012 9:10 pm

Re: Hide Passwords from Users

Postby qtyj12322 » Fri Apr 15, 2016 5:59 am

Do you get the answer ?
Posts: 4
Joined: Fri Apr 15, 2016 5:01 am

Re: Hide Passwords from Users

Postby mike808137 » Sat Apr 16, 2016 2:34 pm

You can, but you will need to use the "folder sharing" feature available only to premium and/or enterprise customers. You will have a "corporate" account that shares a folder with your separate "employee" accounts that can be given read-only access to the passwords you put into the shared folders and control from the "corporate" account. It is not a feature that comes with the "free" accounts, although I believe that the free accounts can be the employee accounts, they just can't share anything back or have their own shared folders. I don't have or need that kind of setup, but I think that's how it might work for you.

As others have said, if LastPass, at whatever point, has the password and is pushing it into your browser viewing a login page, the browser can see the password at that point. To do better than that, the website would have to use multi-factor authentication or one-time-password tokens, and that's not something you, as the user of the website, get to decide, unless it's your website.

While you can add multi-factor to LastPass, that's just for accessing LastPass, not for the websites whose passwords you store in LastPass. It does not magically add two-factor or multi-factor to the internet, unfortunately. Whoever figures out how to do that will be very, very wealthy.
Posts: 288
Joined: Tue Feb 24, 2015 12:04 pm

Return to LastPass Enterprise

Who is online

Users browsing this forum: No registered users and 4 guests