Also came across this issue, where we saw the password printed in the env var printout for each job. I had changed from the -password option to -passwordEnvVariable because when upgrading from v1.16 to v2.0, the -password option interprets a leading '@' in the password as a file reference.
So the bad news is that with v2.0, you can't directly pass in some passwords, but if the -password value starts with @, it's treated as a file. I couldn't find any documentation on this, but perhaps I missed it.
This issue should be resolved as Fixed.