It would be great if you could have Multiple Bypass passwords per policy. That way the passwords isn't shared. Then you can also see when a user needed to use it.