It will now:
sessionOptions.PrivateKeyPassphrase = "abc";
So, it's your log file. Filter the password before writing the entry to the log.
What log is that?
session.OutputDataReceived += SessionOnOutputDataReceived;
private void SessionOnOutputDataReceived(object sender, OutputDataReceivedEventArgs args)
winscp> open "sftp://logn:email@example.com:22" -hostkey="ssh-rsa 2048 ..." -timeout=15