Would it be secure enough if you generate a random password for every users? Or will that bring other issues?