Password questions

I use TeamViewer to connect to my remote users. My users don't use TeamViewer. No one else is connecting to their machines with TeamViewer, and they're not using Teamviewer. It's just there and ready for my IT assistance.

I have a "personal password" set on the user machines, so I can access them at any time with that.

I also added Easy Access to my IT TeamViewer account. I'm not sure if it's wise to have the personal password there for extra options to connect or if that might be more of a security risk. I'm leaning toward having both on user machines though. My IT account is the only account that will connect to the user machines.

Years ago on an older version of TeamViewer we had issues with the "keep current" password option. I think it was putting an extra box up for the user or on the IT side we couldn't connect. I'm looking at that again.

I see this section.

Advanced -- Advanced settings for connections to this computer -- Random password after each session -- keep current, generate new, deactivate, show confirmation.

And on the main TeamViewer screen on a test user machine it does have the machine number and the password. This is the password that the "keep current" option references, yes? I'm concerned a user could use the machine code and that password to connect to their machine or give it to someone else to connect to their machine. Is this "keep current" password needed if I have a personal password on the machine? If it's not, maybe "deactivate" will get rid of that extra machine password?