I was having the exact same question. I might be wrong, but I have the feeling that the OP is rather asking if this “rpcuser” and “rpcpasswor” need to be generated by some other program or by bitcoin core itself or if it is the OS login username and password or if we can just make up one at our will.
Most of the examples we see when we search online is always the same:
rpcuser = <yourrpcuser>
rpcpassword = <yourrpcpassword>
And this is useless because nobody knows where to get these data from.
But, seems that we can make up just what we want.
Another questions that arises is that this cannot be a security issue, to have plain text passwords in an unencrypted file like bitcoin.conf.