A friend of mine, Micheal, provided a good example of when things can go wrong with passwords. Micheal's comments to last weeks newsletter was:
I had a client where 13 people knew the super-user password to the timesheets application - which fed timesheet data to the payroll program. It had just happened that way over time as people got lax.
Needless to say everyone took advantage of the opportunity to their benefit...
It is important that as people move from position to position within the organisation, their roles are reviewed which includes what systems they should have access to and what passwords they have ability to use. Master passwords should be changed when people who have had access to those passwords change positions or unfortunately, the above may happen.