Best fight? Don't be in one.

As many here have recommended, where possible employ authentication/authorization mechanisms which are not reliant upon account+password for everything. OIDC, OAuth2, Kerberos[0], and Active Directory[1] are all technologies worth considering.

Where possible, employ a per-developer sandbox development environment such that each can have a representative system able to support feature/integration tests without having to rely on the CI/CD workflow or a fully replicated production environment.

All of the above share a common theme - limit shared access while maximizing productivity.

As for access to support tools, like source code repositories, ticketing systems, wikis, HR systems, and the like, automate where possible to create the requisite accounts and recommend use of a password manager for same.

EDIT: bonus points for using a private organizational GitHub repo configured to execute GitHub Actions that create the above support accounts when a new-hire PR is approved by authorized personnel.

0 - https://en.wikipedia.org/wiki/Kerberos_(protocol)

1 - https://en.wikipedia.org/wiki/Active_Directory
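One way to wire up the "bonus points" setup described in the comment above, as an added example that is not part of the original post: a GitHub Actions workflow in a private organizational repo that provisions support-tool accounts after a new-hire PR lands on the protected default branch. The `new-hires/` directory layout, the `onboarding` environment name, the `PROVISIONING_TOKEN` secret and the `scripts/provision.sh` script are assumed placeholders; everything else uses standard GitHub Actions syntax. Note that the job is keyed off the PR being merged rather than off a review-approval event, because a review can be submitted by anyone with read access, whereas branch protection plus CODEOWNERS makes "approved by authorized personnel" an enforced precondition of the merge.

```yaml
# Added example, not from the original comment. Assumed repo layout:
#   new-hires/<name>.yaml         one file per new hire, added by the onboarding PR
#   scripts/provision.sh          hypothetical script that creates the support accounts
#   .github/CODEOWNERS            contains:  new-hires/  @your-org/onboarding-approvers
# Branch protection on main must require review from Code Owners, so the PR
# cannot merge unless someone in @your-org/onboarding-approvers approved it.
name: provision-new-hire

on:
  pull_request:
    types: [closed]            # fires when a PR is merged or closed without merge
    paths:
      - 'new-hires/**'         # ignore PRs that do not touch onboarding files

permissions:
  contents: read               # the job only reads the merged files; no write scope

jobs:
  provision:
    # Only act on a real merge into the protected branch, never on a plain close.
    if: >-
      github.event.pull_request.merged == true &&
      github.event.pull_request.base.ref == 'main'
    runs-on: ubuntu-latest
    # GitHub Environment holding the provisioning secret; configure required
    # reviewers on it if you want a second human gate before accounts exist.
    environment: onboarding
    steps:
      - name: Check out the merge commit with one parent of history
        uses: actions/checkout@v4
        with:
          ref: ${{ github.event.pull_request.merge_commit_sha }}
          fetch-depth: 2       # enough to diff the merge commit against prior main

      - name: List new-hire files added by this PR
        id: changed
        run: |
          # HEAD^1 is the previous tip of main for both squash and merge commits.
          files=$(git diff --name-only --diff-filter=A HEAD^1 HEAD -- 'new-hires/')
          echo "Added files:"; echo "$files"
          # Multi-line output uses the heredoc form GitHub expects.
          {
            echo "files<<EOF"
            echo "$files"
            echo "EOF"
          } >> "$GITHUB_OUTPUT"

      - name: Create support-tool accounts for each new hire
        if: steps.changed.outputs.files != ''
        env:
          # Secret scoped to the 'onboarding' environment; exposed only to this job.
          PROVISIONING_TOKEN: ${{ secrets.PROVISIONING_TOKEN }}
          # Pass untrusted data via env, not by interpolating ${{ }} into the script body.
          NEW_HIRE_FILES: ${{ steps.changed.outputs.files }}
        run: |
          set -euo pipefail
          printf '%s\n' "$NEW_HIRE_FILES" | while IFS= read -r f; do
            [ -n "$f" ] || continue
            echo "Provisioning accounts from $f"
            # Hypothetical script: reads the new-hire file and calls each
            # support tool's API (repo hosting, ticketing, wiki, HR) with the token.
            ./scripts/provision.sh "$f"
          done
```

Two design points worth keeping in mind: the `permissions` block and the environment-scoped secret keep the blast radius small if any step in the workflow is compromised, and passing the changed-file list through `env` rather than interpolating `${{ ... }}` directly into the `run:` body avoids turning a PR-controlled filename into shell input.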
