RE: Basic Cryptocurrency Account Security Practices

in #security 8 years ago

I work in I.T., specialising in Disaster Recovery and Business Continuity. Now, one of the challenges all major companies have is how to handle the plethora of passwords at the DR facility. In the days when operating a mainframe there were maybe 10 key passwords, and these would just be put in an envelope, stapled closed and stored in the 'battle box' at the DR facility. Now you can imagine a modern-day I.T. shop with all the diverse technologies and upwards of a thousand I.T. staff alone... How many passwords are there... how does one identify key passwords? Also with enforced password changes every 6 weeks...

You understand the problem?

So I had a word with our security officer on his take. First, though, I suggested that we have a directory on our fileshare appliance where we store the passwords in a password-protected Excel spreadsheet with an innocuous name, like breadrecipes or petrolslips. The fileshare has literally millions of files and directories and is synchronously replicated to the DR facility.

Nope, he says, that is too insecure. And he heads off to a Password Manager vendor and sets up a Proof of Concept exercise. The long and the short of it is that that vendor's primary facility was hacked that same week!!!
To my mind, hackers are more inclined to target sites where they KNOW that there is something worth getting access to. After all, if you want honey, do you wander randomly around the meadows hoping to stumble on some... Or do you go look for a beehive??

Thanks though for answering my request @dhumphrey... There are some good points to take out of your post... I am just not in the Password Vault camp.

I agree completely with you. I also don't like the idea of a cloud-based password vault that most of these password managers use. However, it is the easiest for most normal people to use and it's better than using one weak password for everything.

I personally use Master Password, which solves those problems. You should try it out.
