How do you manage team passwords?

Well, if you cannot trust your leaving employee to keep his confidentiality agreement - you have one, right - than you will need to change all password.

I do not see how this has anything to do with how you store the passwords in the first place.

If the problem is, that he sees more passwords than necessary, why not have multiple keypass databases?

Encrypted 7-zip with an encrypted keypass file inside, stored on highly audited and logged PCI server.

Certainly not in a cloud service, as that puts the creds in a 3rd party data processor.

Creds rotated as people move around.

We have a local file server with keepass, its not great we have problems with one person locking the file and no one else can save details to it. I want to switch to something like syncthing so every one gets a local copy thats kept in sync, im hoping this will fix the locking issue.

We have too many accounts to change when some one leaves so we just change them all once a year.

We use LastPass Enterprise with 2FA to share relevant credentials with the required groups.

We avoid services that don’t support multiple users and two factor authentication.

I've used EnvKey for a few side projects that involved collaborators.

Excel spreadsheet on a highly secure, intranet-only SMB share. Not even joking.

Keybase + bitwarden