We should avoid circulating passwords at all, in order to avoid this passwords should be stored in a password manager and grant access through the password manager.
Some solutions:
- LastPass (popular but proprietary and not free)
- KeePass (popular, not on the cloud, database needs to be circulated)
- Bitwarden (open source, seems to have cloud solution, to investigate)
- Passbolt (open source? and self hosted, to investigate)
I need to do some research on Bitwarden and Passbolt as they seem good candidates. Will update once the research is done. I personally I am only familiar with LastPass and KeePass but the disadvantages mentioned above make them not suitable for us.