webfeuerflo
11 May 2018

Steps to reproduce the issue

Set "send password" in user options to "no", create a new user in the backend.

Expected result

User notification email should not contain the password

Actual result

The password is sent to the user

System information (as much as possible)

Joomla 3.8.7

Additional comments

I think the admin should be able to control when a password is sent in clear text, as it might be a security breach to send it with email. The switch in the options suggests that you can control that, but it is only applied to the frontend user registration, not to the backend. Talked to @SniperSister about this...

webfeuerflo - open - 11 May 2018
infograf768 - comment - 11 May 2018

The parameter to send a mail when a user is created in backend is available in the plugin, and it indeed does not offer the possibility of adding or not adding the password in the mail.
Honestly, when a user is created in backend, someone HAS to send that person a password, even if temporary...

webfeuerflo - comment - 11 May 2018

I would like to control how I send the user the pw. Maybe I choose to create an encrypted document with the credentials and store it in a secured folder where only he has access? Or he is sitting beside me and I tell him personally? If it is sent automatically and I cannot prevent this, it might be seen by somebody I don't want to.

infograf768 - comment - 11 May 2018

You may just set this parameter to NO and do what you like after as you do know the user email you just created.

Also, you can modify with an override the string concerned:

PLG_USER_JOOMLA_NEW_USER_EMAIL_BODY="Hello %s,\n\n\nYou have been added as a User to %s by an Administrator.\n\nThis email has your username and password to log in to %s\n\nUsername: %s\nPassword: %s\n\n\nPlease do not respond to this message as it is automatically generated and is for information purposes only."

Last variable is the password in clear.
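
As an added example (not part of the thread and not Joomla's own code): the check below renders a candidate override of PLG_USER_JOOMLA_NEW_USER_EMAIL_BODY with PHP's sprintf, puts a canary in the password position, and reports whether the canary reaches the mail body. The argument order is taken from the stock string quoted above; the override texts, the canary value and the function name leaksPassword are constructed for illustration.

```php
<?php
// Added example, not Joomla code. Argument order follows the stock string
// quoted in the thread: name, site name, site URL, username, clear-text password.

// Stock string from the thread (shortened after the password line).
$stock = "Hello %s,\n\n\nYou have been added as a User to %s by an Administrator.\n\n"
       . "This email has your username and password to log in to %s\n\n"
       . "Username: %s\nPassword: %s\n";

// Constructed override: the trailing password placeholder is removed.
$override = "Hello %s,\n\n\nYou have been added as a User to %s by an Administrator.\n\n"
          . "Log in at %s\n\nUsername: %s\n"
          . "Your administrator will give you the password separately.\n";

// Constructed override that still pulls in the fifth argument by position.
$positional = 'Hello %1$s, your login for %2$s is %4$s / %5$s';

/**
 * Render a template with placeholder values and report whether the fifth
 * argument (the password) appears anywhere in the output.
 */
function leaksPassword(string $template): bool
{
    $canary = 'CANARY-PASSWORD-7f3a'; // constructed marker, not a real password
    $body = sprintf($template, 'Name', 'Site', 'https://example.test/', 'user', $canary);

    return strpos($body, $canary) !== false;
}

$candidates = ['stock' => $stock, 'override' => $override, 'positional' => $positional];

foreach ($candidates as $label => $template) {
    $verdict = leaksPassword($template) ? 'password in mail body' : 'no password in mail body';
    printf("%-10s %s\n", $label, $verdict);
}
```

PHP's sprintf ignores surplus arguments, so dropping the final %s is enough to keep the password out of the mail, while a positional placeholder such as %5$s still includes it.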

webfeuerflo - comment - 11 May 2018

Oh, that's great! I didn't think about the language override! So at least I AM able to control it. Still, I think it is a bit misleading to offer this switch in the user options and not make clear it only affects users created in the frontend.

franz-wohlkoenig - change - 11 May 2018
Status: New → Information Required
franz-wohlkoenig - change - 11 May 2018
Category: Authentication com_users
brianteeman - comment - 11 May 2018

Don't forget that when you create the user you can set that they must reset the password. That means that it doesn't matter that this password is sent in plain text as it will not be the user password.

Closed as expected behaviour

brianteeman - close - 11 May 2018
brianteeman - change - 11 May 2018
Status: Information Required → Closed
Closed_Date: 0000-00-00 00:00:00 → 2018-05-11 08:14:22
Closed_By: brianteeman
Bakual - comment - 11 May 2018

Last but not least: If you create the user in backend and take security seriously, you don't enter the password but leave it empty. This way it is randomly generated and only the user gets to know it. You will not know the password at all and can't send it through other channels.