Due to internal security policies, some installations may require that two or more people approve the "password view/use" request to make it available to the requester user.
This document deals with this scenario when PAM is involved.
Can I force PAM to require more than one approver in the Password View Policy definition?
Any PAM server version up to the current one (at the moment of the creation of this document is version 3.2.4).
Unfortunately, it is not currently possible to do it with the present PAM server versions (up to 3.2.4), as we can currently only enforce a SINGLE admin approval (not 2 or more admin approvals).
Here below are the 3 different processes that could come into play in the current PAM version: