I think connection traces are the most convenient way to capture the credentials for example for password recovery.
Why do you want to store the data into a user-defined property or write them to a log file? That does not sound like something you want to do in regards to privacy concerns.
You want to get access to the request body of content type application/x-www-form-urlencoded. In MWG 7.4 you can enable openers and parse body.tostring property yourself, in MWG 7.5 you can use property Request.POSTForm.Get(parameter).
We want to check that users does not exchange credentials between ones (in MWG log we have domain login and corresponding site.int login - so we can pass this information to SIEM and alert when another user use the existing site.int login).