By using PostMessage(hwnd, EM_SETPASSWORDCHAR, 0, 0) it's possible to unmask password in dialog to copy it later via buffer. It alows to bypass WM_GETTEXT protection.
vulners.com/securityvulns/securityvulns:doc:4213