by jt2190 4642 days ago
There are still a lot of service providers that don't support multiple user accounts per organization, so if you want to share admin privileges (a good idea for redundancy) you're forced to share credentials.

We used LastPass [1] for the following reasons:

1. Works across multiple OS and device types.
2. Passwords can be either "shared" (used to auto-fill forms but not viewed) or "given".

When we did a small layoff, I insisted that we quickly change the passwords for everything [2], and LastPass made it a no-brainer to distribute the new passwords around the organization.

[1] http://www.lastpass.com/

[2] It felt somewhat harsh at the time, but I'm glad I insisted on this, because shortly after one of the founders started hypothesizing that a software bug might be due to ex-employee hacking. I was able to squash his paranoia by reminding him that the exes no longer had access. Eventually we determined that it was a pre-existing bug.

1 comments

> Passwords can be either "shared" (used to auto-fill forms but not viewed) or "given".

What's preventing someone from filling a password box and reading its value from memory? The fact that this is even a feature makes me suspicious about their security claims.

LastPass acknowledges this and tells you that a shared password can be retrieved, but for most employees, it would be more work than it is probably worth to view that password. Also, as another commenter pointed out, as soon as an employee leaves the company, LastPass makes it VERY easy for one person to change the passwords and everyone with access gets their version updated automatically.