Hi,
I "forced" the same password every time a customer would change it in the app.
So the customer sees "one change password" but in the background there were two happening, one per each product.
Now what your next question may be and the answer sucks is this:
What happens if the customer resets their password?
Then you need to find the answer in this other thread:
After that, I started creating all products with two-legged auth, since simple auth comes with... drawbacks and you still need some sort of backend to manage the password reset.
Ever since I started using Firebase (on Google cloud) with their auth, these problems went away, since now the google cloud manages the auth and passwords and not my app or the particle cloud (yes, the particle clouds needs a shadow customer, unless you claim all your Particle devices under one account and do the split/management on Google Cloud).
Let me know if you have more questions!
Gustavo.