Kubernetes when to use secrets instead of configmap?

Secrets are stored encoded and over time will become more protected (e.g. limited access, encrypted at rest, etc). Secrets existed before ConfigMap was created, so until recently it was common to store configuration data in secrets (e.g. conf2kube).

You should use secrets for sensitive data (database passwords, private keys) and ConfigMaps for non-sensitive configuration data.