What is the best practice for managing override passwords?