1. It will get out, even onto the Internet
2. You won't satisfy any data protection regulation as you don't have any ability to audit who is using what
3. Eepc does not support it, as password changes and logins are replicated between machines, so if one user locks out the generic account, it will lock everyone out
It's generally a bad, bad idea. If you have a duty to protect the data, then do the right thing for the pele who would be affected if the data leaked out and protect it properly at least.
I applaud your stance here. I'd go back to the reason you are encrypting in the first place and work out exactly what you need to do to satisfy those requirements.
I know I'm right and I appreciate your support.
Hopefully I will be able to convince the business this is not a good idea. Is there a formal McAfee Guide document “best practice recommendation regarding user names and password that I might wave in front of those that are challenging me.