When trying to execute Windows to z/OS transfer receive this error: XCOMM0257E ACCESS DENIED BY SECURITY INTERFACE
The user credentials are correct, but still the problem persists.

The message XCOMM0257E means that whatever security package is being used on z/OS (RACF, TOP Secret, or ACF2) has not authorised the user credentials. If check the z/OS JES message logs for the XCOM task it should contain more details about the error.
One possible root cause is if a mixed or lowercase password is being used, assuming that is supported by the z/OS security package.
For that scenario, the XCOM for z/OS CONFIG file must have the parameter LOWERCASE_PSWD set to YES to support that. See related article: XCOMM0257E "ACCESS DENIED BY ..." using mixed case password.

The user advised that, without changing the above parameter, he changed the password and XCOM then accepted it. It appears that the original password had some special character(s) that XCOM did not interpret correctly.
XCOM Engineering has advised that the rejected password symptoms could be codepage related.
XCOM uses a fixed internal table for ASCII <-> EBCDIC codepage translation (ASCII 437 and US EBCDIC 037) to guarantee consistent hex values for translation.
However, when using codepages other than the above, the use of a special character may result in a hex value that does not correspond to the same character under those internal table codepages and thus there could be a translation problem.
Sometimes users implement their own tables to prevent such problems with the actual transferred file content but those tables then apply to all transfers: XCOM™ Data Transport® for Windows 11.6 Service Packs > Using > Command-Line Interface > How to Create Custom Character Sets for File Conversion
It is not suggested to do that for just a password problem. The above explanation is just to provide awareness of the potential impact of using a non-US codepage on Windows (or on a z/OS 3270 terminal emulator) when the password contains a special character.