In a previous position, infrastructure was spun up in the cloud with a GUID password generated at the time of creation. Once the configuration of the hardware was finished, the account was disabled. The process of spinning up hardware was entirely automated, so at no time was the password known to any individual.
For any piece of hardware we had to define what that hardware configuration should be using templates and Puppet scripts. If you got the scripts wrong, you weren't allowed to stumble around on the box until you got it right; you had to correct your scripts so the action was entirely repeatable. This approach made for an extremely robust and secure system.
When I started my career on an HP3000 mini-computer, the "God" account was only available from the physical console attached to port 20 of the mini-computer itself. Yes, with sufficient privileges you could elevate yourself to a sysadmin, but that wouldn't give you everything that the physical console could do... until someone released a utility that provided three commands that allowed you to do so.
- god - Emulate the console logged in as sysadmin
- mortal - Drop your privileges back to normal
- tit - Emulate a normal user
This was in the time before political correctness was invented.