[VLM]

"guarantee that two users won't share the same password"

routers with hard coded passwords in the config don't have users. Device passwords. Often the console/telnet and enable password are the same so there is "a" password.

Of course you could implement as a network admin a psuedosalted standard like our router password shall be prefixed with hostname, "hostnamereallylongcomplicatedpasswordthatsthesameforallhostnames" then rainbow tables will barf because each individual device password begins with a different hostname, even if all of them end with the same "l33tpass0rd" or whatever.

This is assuming you have a sensible hostname strategy, or even assign "real" hostnames to your routers. I suppose people like that who haven't caught up to that newfangled "DNS thing" could use a unique router ip addrs, although now we're assuming a sensible ip allocation scheme and network design. This is kind of reading like Dante, isn't it.