Honey credentials unique or static?

Currently we have honey credentials deployed with a customer which is under attack. Over the weekend we got multiple attempts to access servers with the honey account which really helps us understanding which workstations are involved. The only thing that I was wondering about is, are the credentials unique for every insight agent (asset) or are they the same on each asset?

The reason that I ask is because if they are compromised on workstation A then the attacker could be trying them from workstation B to avoid being detected on patient zero.

Does any one known this?

It’s the same

Honey credentials are fake and cannot be used to authenticate. They are simply there in memory as a trap. When used they alert.

If you’re referring to honey users, those id’s live in your AD and would have whichever password you set.