
Don't you have external services which use a password? DNS provider, VPS admin console for example?



Not really, we have our own datacenter and DNS servers. We have HSMs for some things (like CA certs) and YubiKey/similar for things that require passwords, but those are all protected by user-specific certificates.


Do you have a company Twitter account?


Yes/no, one exists but it's unrelated to my job. It's probably worth noting that we also have sets of accounts that, while password protected, are essentially considered public. Those accounts are accessible to anyone who knows the well-known standard passphrase.


It kind of negates your first point.

"Passwords? No. We don't. Everything is a certificate or key."

...

"We have sets of accounts ... accessible to anyone who knows the well-known standard passphrase."


As a company "we" don't have passwords for our company infrastructure; individual users may have passwords for their accounts, but those aren't secret/as important. It's not practical to deploy PKI to and expect ~100K users to use it. As for communal accounts, they're almost all for paying for services offered in-house by a group other than yours.



