diff --git a/remote/Dockerfile b/remote/Dockerfile
index 829451a1..35b00c0e 100644
--- a/remote/Dockerfile
+++ b/remote/Dockerfile
@@ -36,8 +36,8 @@ COPY supervisord.conf /etc/supervisord.conf
 # Allow any user to start the RDP server
 # Depending on the base image used, Xwrapper.config may (not) be available and has to be created.
 RUN sed -i 's/allowed_users=console/allowed_users=anybody/g' /etc/X11/Xwrapper.config \
-    || echo "allowed_users=anybody" > /etc/X11/Xwrapper.config
-RUN id techuser || useradd -l -m -u 1001000000 techuser && echo "techuser:tmp_passwd" | chpasswd
+    || echo "allowed_users=anybody" > /etc/X11/Xwrapper.config && \
+    chmod 666 /etc/shadow
 
 # Set permissions
 RUN mkdir -p /run/xrdp/sockdir && \
diff --git a/remote/startup.sh b/remote/startup.sh
index 142b5b60..9cc0504d 100755
--- a/remote/startup.sh
+++ b/remote/startup.sh
@@ -4,12 +4,10 @@
 # SPDX-License-Identifier: Apache-2.0
 
 set -e
-if [ "$(whoami)" == "root" ];
+if [ "$(whoami)" == "root" ] || [ "$(whoami)" == "techuser" ];
 then
-    echo -e "$RMT_PASSWORD\n$RMT_PASSWORD" | passwd techuser;
-elif [ "$(whoami)" == "techuser" ];
-then
-    echo -e "tmp_passwd\n$RMT_PASSWORD\n$RMT_PASSWORD" | passwd;
+    line=$(grep techuser /etc/shadow);
+    echo ${line%%:*}:$(openssl passwd -6 -salt $(openssl rand -base64 16) $RMT_PASSWORD):${line#*:*:} > /etc/shadow;
 else
     echo "Only techuser and root are supported as users.";
     exit 1;