Shared company accounts is a problem that hasn’t been solved properly, there are multiple issues, amongst them:
- 2FA, especially if it’s to a phone number
- What to do when an employee leaves
- How to store the credentials in a way where someone can’t access just one file and get all of the company’s passwords, from banking to government websites to web services to sys admin passwords.
- How to manage access so an employee can easily find credentials they should have access to, but not get access to credentials they shouldn’t be allowed to access
Maybe I didn’t explain myself well. Currently I have LastPass accounts for each employee. All website accounts are setup under my email username, anyone that needs access, I create their own user account with limited access, or I share the password exclusively with them if I’m forced to.
I can also share access with them and hide the passwords, but on sites that aren’t able to be autofilled in they can’t copy paste which is a problem. I also created a shared folder of passwords that makes it easy to give someone access to a bunch of sites at once.
If an employee leaves I can delete their user accounts and were good. They create all their accounts using my company email address so I have access to that if necessary.
However, overall lastpass has been very glitchy and not fun to use, the free version features worked a lot better than the paid version do right now.