How to detect if password protection is active via SQL or postmeta?

Hello there!
I’m building a custom admin tool to manage WPDM files via a standalone PHP script (An old habit. A large number of files need to be updated, and I don’t want to do it manually). The goal is to display all downloadable files that do not require a password and allow enabling/disabling the CAPTCHA lock (__wpdm_captcha_lock) using AJAX.

Here’s what I currently do:
I query wp_posts for all post_type = 'wpdmpro' and post_status = 'publish'.
Then I filter out files that have a non-empty __wpdm_password meta_key.

I use the absence of that meta value to determine that a file is “not password protected”.

However, I’ve discovered a problem:
Some files have a password value stored (i.e., __wpdm_password is present and non-empty), but password protection is not actually active when viewing or downloading the file.
These files are currently excluded from my list, even though they’re publicly downloadable.

Question:
Is there a reliable way — via SQL or the postmeta table — to determine if password protection is actually enabled, not just whether a password value exists?

I could not find any meta_key like __wpdm_password_active, and I suspect the plugin stores the value but doesn’t always use it unless another condition is met (e.g. checkbox on the edit screen?).

Any insight into how WPDM handles password activation logic internally would help a lot.

Thanks in advance!

Good afternoon.
Thank you for your prompt response. I will review it and try to answer you.
Have a nice day!