a11y: expose the text with password-char

Text exposed by the AtkText methods should be the text
displayed to the user (like the internal method
clutter_text_get_display_text). So it should use the password-char
if it is being used.

This is also a security concern.