by java-man 2787 days ago
Sharing of credentials negates the very reason said credentials exist in the first place.
1 comments

While I don't disagree in theory... practically there are a number of services that have one "owner account" that represents an organization and a business needs to make sure they have control of that account regardless of personnel changes. PyPI and RubyGems are examples from an old job.

Even when a service, like Twitter, does have multi-user/multi-owner identities in some business plan this might not make sense for small teams.

A right solution would be proper key management where each participant maintains his/her password/passphrase that unlocks group credentials.

Otherwise, a bulletproof audit trail with external timestamps would be required.
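
The per-participant unlocking suggested in the thread above, as an added example that is not part of the original discussion: one random group key protects the shared owner-account credential, and each member holds a copy of it wrapped under a key derived from their own passphrase. All function and member names are hypothetical, the scrypt-plus-HMAC wrap is a standard-library stand-in for a vetted key-wrap or AEAD primitive, and the log is a plain in-memory list rather than an externally timestamped trail.

```python
import hashlib, hmac, os

def derive(passphrase, salt):
    # scrypt stretches the member's own passphrase into a 32-byte pad and a 32-byte MAC key.
    okm = hashlib.scrypt(passphrase.encode(), salt=salt, n=2**14, r=8, p=1, dklen=64)
    return okm[:32], okm[32:]

def wrap(group_key, passphrase):
    # Fresh salt per wrap, so each pad masks exactly one 32-byte key (stdlib stand-in
    # for a vetted key-wrap/AEAD primitive; an assumption of this example).
    salt = os.urandom(16)
    pad, mac_key = derive(passphrase, salt)
    blob = bytes(a ^ b for a, b in zip(group_key, pad))
    return {"salt": salt, "blob": blob,
            "tag": hmac.new(mac_key, salt + blob, hashlib.sha256).digest()}

def unwrap(entry, passphrase):
    pad, mac_key = derive(passphrase, entry["salt"])
    want = hmac.new(mac_key, entry["salt"] + entry["blob"], hashlib.sha256).digest()
    if not hmac.compare_digest(want, entry["tag"]):
        raise ValueError("wrong passphrase or tampered entry")
    return bytes(a ^ b for a, b in zip(entry["blob"], pad))

def new_vault(founder, passphrase):
    # The group key would encrypt the shared owner-account credential; it is never stored bare.
    return {"members": {founder: wrap(os.urandom(32), passphrase)}, "log": []}

def unlock(vault, member, passphrase):
    if member not in vault["members"]:
        raise PermissionError(f"{member} has no entry")
    key = unwrap(vault["members"][member], passphrase)
    vault["log"].append(("unlock", member))  # per-person record of who used the shared secret
    return key

def add_member(vault, sponsor, sponsor_pass, member, member_pass):
    # An existing member unlocks the group key and wraps it under the newcomer's passphrase.
    vault["members"][member] = wrap(unlock(vault, sponsor, sponsor_pass), member_pass)
    vault["log"].append(("add", sponsor, member))

def revoke(vault, admin, member):
    # Removing the entry stops future unlocks; the departed member may still know the
    # underlying credential, so it should be rotated as well.
    del vault["members"][member]
    vault["log"].append(("revoke", admin, member))
```

No passphrase is ever shared between people, and a personnel change only touches that person's wrapped entry, which is the control over the "owner account" the thread asks for.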