And they didn't
Sorry, as much he is responsible but any time a person in some sensitive role leaves the company all the passwords he/she had access are changed automatically for next person in that role. This was in 70's and it has been the rule in all the systems I have designed since then. No exceptions, be it a CEO, developer or one of door guards. Weird? Not too difficult, one role has just a limited access so there are not too many things to change. Now, of course, I do get arguments as what about this and that password? It is vital to use two way passwords, you have an access to system generating / assigning the needed password which will never released to anybody, no need for that. Block the access and good luck trying to find the real password(s). You design that right, remember changing technology / platforms / even languages and it works. Forget politics!