It is always a risk if the user name & password is equal. You can run the below script to find out the list of User/Login name & password which are equal.

select  
cast(@@SERVERNAME as varchar(150)) as SQLInstanceName
,name as [LoginName]
,'Password is same as Login Name' [Description]
from sys.syslogins
WHERE PWDCOMPARE (name,password) = 1