This is a container type for various credentials types: passwords, public keys, one-time password
scheme identifiers, etc. However, we expect that password will be the most widely used credential
type and that's actually also the only supported type.
The reason to "formalize" this structure is the ability to synchronize credentials. If the password
would be just an ordinary attribute, we cannot automatically synchronize user and account passwords.
Similarly as other credential types.
Note: marking password with a special attribute type will not be enough. There may be numerous passwords
with various meanings, we need to distinguish the "primary" one to synchronize. We also need to store
user password somewhere.
This is not perfect. It may change in the future.
TODO: support for "old password", e.g. some resource need it to change password.