It can be done, as I've did it. As already mentioned, you will need some serial monitor software, and best thing is to test it on empty Alpha. Make test app and put some test pass, for example 1234, and download it to Alpha. After that start serial monitor, and try to read your Alpha, but with wrong pass (for example 5678). If you look at serial monitor, you will find at and of received message HEX values 31 32 33 34 , and that is position of real password (write this position)... you will find also as sent message hex 35 36 37 38, that is wrong pass. Mentioned nibbles are maybe rotated, I can't remeber, but I know that nibbles are all together (for example 36 35 38 37)
After that you will need to monitor Alpha with locked app and you will find unknown password.