I would certainly not have something that automated the process. If you got audited, that would be a red flag right there. Of course, your security policies may allow this - it's something you should check.
There's nothing stopping you HAVING the same password for each user, but to have a documented/semi-automated process is not a good idea. Personally, I have a set of passwords that I group into 'super-critical' (which all have different passwords), 'Production', 'QA', 'Development and Test'. Aside from the 'super-critical' set, that only means you have to remember three passwords, which is not that bad.
Of course, you could just create a .sql script which you run from a box which has all the TNS aliases you want available.