No need to set passwords on databases.
Firstly, just remove the guest user from each of your databases to prevent people with valid SQL logins from snooping around in other databases with guest privileges.
Secondly, set up a new login from each user who will access any of the databases on the server. If doing it from Enterprise Manager, under the "Database Access" tab just assign access to the database/s for which each person is authorised.
At the same time you can assign people to predefined database roles (nb. NOT server roles) such as db_datareader in their authorised databases.
Additionally, you can set up your own predefined roles with specific table/view and stored procedure permissions, and assign individuals to those roles.