I’m the IT administrator for a small company (30 employees) The person before my time kept a list of all the users passwords. That person has since been moved out of the admin role and into another, but still at the company. I’ve since changed the administrator password (of course) and forced a password change by all the employees. My question is: should I continue the policy of keeping a list of the users passwords? I can do this by assiging them password or having them choose their own and report it to me?
Thanks