The second requirement is completely bogus as stated. Knowledge of the password is not required in order to revoke an employee/administrator's privilege.
The first requirement is valid, but I would discuss two things with your boss:
1) The company should sign a legal waiver absolving you from any criminal or civil wrongdoing resulting from use of your logon. Since they have required that your logon be shared, they must acknowledge that you cannot be held responsible for your boss surfing child porn sites on your password.
2) The Discovery problem raised by @Mike Samuel. If there is any legal discovery against your company your boss could be utterly screwed. (and you might point out that there is a relationship with #1 - if you are sued or charged for any offense whatsoever related to your logon, your lawyer would be forced to issue a discovery request.)
Low tech password escrow is a relatively normal practice in my industry. We add "Tamperproof/tamper resistant/Tamper evident" to the requirements set to protect both sides.
Write the password (for a single system) on a sheet of paper. Fold it and seal it in a opaque business envelope. Seal the envelope, sign across the boundary. Now apply tape over the signature and the boundary.
Repeat this for each system.
Now insert all the envelopes into a large manilla envelope. Seal the envelope. You and your boss sign/countersign across the seal.
Store that in the safe. This means the business is protected against the bus factor.
Write policy/procedures for opening that envelope and using the password.
Periodically verify that the envelope is unopened (frex, when you do your normal password change)