My comment above has a mistake: I should have used cat <<<"..." instead of echo "..."
I refined my answer here: https://stackoverflow.com/a/66056079

3 things to consider with this tip:

It will fail if username or password contains a double quotation mark "

It precludes the use of STDIN for anything else, such as POST data using --data @-

password.txt cannot have a trailing newline

Refinement #1: Use sed to escape any embedded double quotation marks:

readonly USERNAME=username
readonly PASSWORD='pa ss"wo$rd'
curl -v -K- "https://httpbin.org/basic-auth/username/pa%20ss%22wo%24rd" \
  <<<"user: \"$(sed -E 's/"/\\"/g' <<<$USERNAME:$PASSWORD)\""

Refinement #2: Use process substitution instead of STDIN
readonly USERNAME=username readonly PASSWORD='pa ss"wo$rd' curl -v -K <(echo -n "user: \"$(sed -E 's/"/\\"/g' <<<$USERNAME:$PASSWORD)\"") "https://httpbin.org/basic-auth/username/pa%20ss%22wo%24rd"
Now STDIN is available to use for supplying the POST data when using the --data @- option.