Enterprise Password Managers
Since secure passwords are practically impossible to remember, the use of a password manager such as Lastpass Enterprise or Roboform Enterprise can make secure passwords much easier for staff to handle. Essentially a password manager stores passwords and enters them automatically when required. But they will only do so when a master password has been entered by the user to activate the password manager. That means users must only remember one password – their master password – rather than a number of individual passwords.
The master password can be recovered by an administrator in the event that a user forgets it. Additional security can be added by requiring two factor authentication to unlock the password manager, such as a Yubico authenticator.
Products like Lastpass Enterprise and Roboform Enterprise generate secure passwords for each new service that requires one, and can impose password policies on these passwords (and the master password) either via a system administrator console, or by using Active Directory password policies.