integer, yes it does support filtering because that's even why the dropdown is empty by default, even if you already have user/password credentials configured.
The amount of actions needed for configuring GitHub takes ridiculous level. Once the user is reaching the "GitHub Server Config" section in the config, not only that he faces an empty credentials dropdown but in order to add the missing credential-tokens, he needs to scroll to the Advanced button, scroll down again to reach the "Additional Actions" button, and click the only action there which helps him generate the tokens.
I bet that over 50% of the users do need to google in order to be able to configure the credentials, probably spending half-an-hour for something that should take ten seconds.
I raised this bug after googling for the solution the 3rd time in one year. Yes, even after reading the solution, you will forget it sooner or later.
Regarding difference between token and password. I doubt there is one real difference between tokens and passwords. As far as I know tokens are just "special passwords", login process (api calls) being the same as using a plain password. I am not sure about GitLab, but I am sure about other systems that allow tokens, including Jenkins itself.
Have you tried to use tokens? Using login/password is strongly not recommended. For converting login/password UI has helper.