As a rule, you never ever store passwords in plain text, always encrypted. I have seen an organisation accidentally share a Google Doc with all their credentials in by mistake. There are many horror stories out there.
You also want to generate super long random passwords. With the right software, you only need to remember one master password and then it’s just a matter of a copy and paste. That’s individual 128+ character passwords for everything.
If you need a pass word that you can remember, it’s best to chose six or more random words with a space between each. You can use KeepassXC for that.
I personally would stay away from browser/server based stuff. For my own stuff, I use KeePassXC and Syncthing to keep in sync between devices. No servers to compromise and everything is decrypted locally.
In terms of sharing within a group:
You could either share a keepass file which is synced between users using something like Nextcloud, Syncthing et al. Only ideal if you want everyone to have access to all credentials.
What we do in Autonomic is have a pass repo in git which is encrypted to member’s PGP keys, including sections only accessible to particular members (e.g. a user password that only that user needs to access). Pass is extremely flexible. We really should document our setup at some point, it’s really cool. Kudos to @decentral1se.
I guess if you want to go fully commercial/proprietary, I hear people use LastPass with degrees of success.
Hope that helps
Feel free to ask any questions folks. Tech nerds love talking about this stuff