If I would get totally paranoid, I would have concerns about keyloggers logging my password 
You are right, encrypt the job files should be sufficient.
Ok, now I have question:
Are the credentials and type of connection for the remote location stored encrypted?
→
I’m going to use duplicati on my computer too and I want to be sure, that Windows (trojan horse, virus, …) has almost no chance to get an access to the remote backup location. Therefor I’m going to use SFTP, because Windows does not “know” this protocol.