Keeping and maintaing a password list [duplicate]
Solution 1:
I always do this with a flat text file, encrypted to all the relevant admins' GPG keys, under source control.
This has several advantages. Firstly, it makes you make all your admins install GPG, use it, and generate, and exchange, keypairs. This has a lot of knock-on benefits in security terms (eg, admins can authenticate requests from each other, which makes social-engineering attacks much harder).
Secondly, the security's not in some centralised application, but in the individuals' key management. You can hack the server that stores the encrypted file all you like, all you'll get is ciphertext. You can keep a local copy of this file on any device that suits you without endangering anyone's security, and without having to install any application other than GPG (which anyone working with security should have around anyway, see above).
Thirdly, because of the source control, you can always step back to find out what the company-wide desktop root password was three years ago, when someone digs a machine out of the basement and insists it needs to be resuscitated right now. You encrypt the current version of the document only to the keys of the currently-serving admins, but you can always add an escrow key for emergencies (passphrase and private key stored in a secured, tamper-proofed medium, and only ever used once - generate a new escrow key if the current one ever has to be used).
Solution 2:
KeePass is a password manager I find very usefull, it's cross platform, has features like generating passwords and maintining expiration dates etc.
But it is a single user tool so i'm not sure it fits your needs unless you disallow your users to change their passwords and instead do that centrally. Whether or not that is feasible/acceptable will depend on your security policies.
It's probably best (in turns of policies and the like) to have each user maintain his/her own password and use admin privileges to reset the password of a user who has forgotten his/hers.
Solution 3:
As said above KeePass + i use Dropbox to sync the kdbx over multiple devices (PC, Notebook, Android smartphone, it's everywhere).
You can even set password expiration dates there to remind you.
That's pretty much the best tool on the market right now.
As for password policies i think you should find what's the best for your company yourself, just use common sense or google for the best practices, ex. MIT policies.