ggonline Wrote:Can login/passwords be reshared or copied? Can they be shared by someone other than the original owner? I sure hope not. I believe some can be shared in a hidden form (click the link to login without revealing the actual data).
ggonline Wrote:If restricted to one owner-shareduser link and aliases are used for display purposed only, it might work. Aliases would be like a custom name for an email sender not related to any authorization data/credentials, like an brand or tracking name for advertisements. [...] Also, a security and management restriction, the account could only be managed via a single master login. Aliases could not be used to login to the LP acct, only for the one-level of indirection from the owner. That would make it work with and respect 2-factor login for LP itself, and seemingly restrict it to classic plaintext login/password authentication.
ggonline Wrote:The actual login/password/authorization would be a button or dynamic and encrypted link available only via LastPass (in other words NOT reshareable or unless without of LP). The non-owner could use it only from LastPass and not copy or see the actual details.
Unfortunately this isn't possible with today's technologies as described at the link above.
Which goes back to the point about LastPass not being a security enforcement company. They enable password storage and sharing. They cannot prevent a bad actor.
People are human. They give an e-mail address to someone in their own organization, and they want to use it exclusively--not track that firstname.lastname@example.org is also email@example.com. They are sharing to a person, not an e-mail. LastPass needs to stop asking organizations to manage multiple e-mail accounts to work around limitations in LastPass.