There are a number of things that should be avoided at all costs.
Do not let users within your organization share login credentials. If logins are shared, then secrets need to be rotated everytime someone leaves the company. Also, audit trails are ineffective as they cannot adequately attribute changes made by individuals.
This is a companion discussion topic for the original entry at https://docs.cloudposse.com/secrets-management/anti-patterns/