Same goes for any centralized service you may use. You are still able to copy passwords manually into a text file, local keepass, etc. True, it is easier with a shared keepass, but the challenge is the same if you truly need to make sure a former employee can no longer access anything.