Using password into String or Char[] is always debatable because both the approaches had their own utility and disadvantage as well. It depending upon the need which user is expecting to be fulfilled. Below lines may help better in understanding when to use which container : Since String in java is immutable, whenever some tries to manipulate your string it creates a new Object and existing remains untempered. This could be seen as advantage for storing password as String but on the other hand. String object remains in memory even after use. So somehow if anyone got the memory location can easily trace your password stored at that location. While coming to Char[] which is mutable but it had advantage that after usage, programmer can explicilty clean the array or override values. So that after no use it is cleaned and no one could ever know about the information what you had stored.

Based on above circumstances may be one can get Idea whether to go with String or Char[] for their requirement.

Thanks.

It is debatable as to whether you should use String or use Char[] for this purpose because both have their advantages and disadvantages. It depends on what the user needs.

Since Strings in Java are immutable, whenever some tries to manipulate your string it creates a new Object and the existing String remains unaffected. This could be seen as an advantage for storing a password as a String, but the object remains in memory even after use. So if anyone somehow got the memory location of the object, that person can easily trace your password stored at that location. 

Char[] is mutable, but it has the advantage that after its usage the programmer can explicitly clean the array or override values. So when it's done being used it is cleaned and no one could ever know about the information you had stored.

Based on the above circumstances, one can get an idea whether to go with String or to go with Char[] for their requirements.