Managing Remote Server Password Administration

[shannon...@gmail.com]

We currently have an issue with servers we ship out to customers which
we are chartered with the job of managing. Our password rotation
policy on these servers is non-existent and I am looking to create
one.

The issue I have is how to do it? I am not going to implement a
policy that requires someone to manually log on to every site once a
month or once a quarter to update the password and then store it
centrally as a reference.

What are my options? I suppose we could script something that
automated a root password update based on the current month/year and
the system serial number like we do in ERA but is this a good idea?
Would we be better off finding some software to centrally manage
this?

Feedback, thoughts & advice?