On your network create an account named Admin or Admin_APT or something along those lines if you already have a primary Admin account (which is likely) and insert the password in the password hint section. Set the login hours for that account to 0 and link it to some kind of prompt, this means if there is an Active Persistent Threat (APT) you will immediately know there is someone on your network or attempting to access your network and you need to do a scan immediately. You've given them the password but they won't be able to login because the maximum login hours is 0.
How to set this up: https://www.howtogeek.com/123568/how-to-get-email-notifications-whenever-someone-logs-into-your-computer/