Symmetric encryption password not cached #3

Closed
akostadinov opened this issue Dec 18, 2012 · 4 comments

Comments

@akostadinov

Hello,
I have both pinentry and gpg-agent, but I'm still asked every time I open and save a gpg-encrypted file. Can vim remember the password in memory so it does not ask me to type the password twice on exit?

I'm using the plugin from the latest commit, 419695d.

@jamessan
Owner

No, Vim isn't going to remember the password. That's not secure. I don't think that's the issue anyway.

Could you add

let g:GPGDebugLevel = 2
let g:GPGDebugLog = expand('~/gnupg.log')

to your vimrc, restart Vim, and open the file? Once you've done that, please post the contents of the log file here.

@akostadinov
Author

With regard to security, I don't think it makes a big difference whether I type the password 3 times or vim keeps it in memory while the file is open. If some process can read the passwd from vim's memory, I guess it can just as easily capture the keyboard (or more easily).

But the risk of typing the password twice with caps lock on or the wrong keyboard locale is substantial, and I would like to avoid that risk.

Debug log from opening the file here:
GnuPG: gnupg.vim 2.5
GnuPG: command: LANG=C LC_ALL=C gpg --trust-model always --use-agent --version 2>/dev/null
GnuPG: output: gpg (GnuPG) 1.4.12^@copyright (C) 2012 Free Software Foundation, Inc.^@license GPLv3+: GNU GPL version 3 or later http://gnu.org/licenses/gpl.html^@This is free software: you are free to change and redistribute it.^@there is NO WARRANTY, to the extent permitted by law.^@^@Home: ~/.gnupg^@supported algorithms:^@pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA^@Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, ^@ CAMELLIA192, CAMELLIA256^@hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224^@Compression: Uncompressed, ZIP, ZLIB, BZIP2^@
GnuPG: public key algorithms: RSA, RSA-E, RSA-S, ELG-E, DSA
GnuPG: cipher algorithms: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128,
GnuPG: hashing algorithms: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
GnuPG: compression algorithms: Uncompressed, ZIP, ZLIB, BZIP2
GnuPG: this file is symmetric encrypted
GnuPG: cipher-algo is AES256
GnuPG: decrypting file
GnuPG: command: silent r !LANG=C LC_ALL=C gpg --trust-model always --use-agent --quiet --decrypt '/home/.gpg' 2>/dev/null

@jamessan
Owner

It does make a difference in terms of security. GPG is able to lock its memory to avoid some scenarios where it would be possible to read sensitive information. This is why the plugin lets GPG (or other security tools) handle all sensitive information.

As far as why you're having to enter the password twice, it's because you're using symmetric encryption (simply encrypting the file using a passphrase)

GnuPG: this file is symmetric encrypted

instead of asymmetric encryption (using your GPG key). The pinentry/gpg-agent tools only work with asymmetric encryption.

This isn't the default, so you either added something like

let g:GPGPreferSymmetric = 1

to your vimrc or you're opening an existing file that was symmetrically encrypted.
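The log line "this file is symmetric encrypted" and the following "cipher-algo is AES256" come from inspecting the encrypted file's OpenPGP packets: a passphrase-protected file starts with a Symmetric-Key Encrypted Session Key packet (tag 3), while a file encrypted to a GPG key starts with a Public-Key Encrypted Session Key packet (tag 1). The parser below is an added example, not code from gnupg.vim or from GnuPG; it reads binary (non-armored) input only, and the two sample files are constructed byte strings, not real gpg output.

```python
"""Classify a binary OpenPGP file as passphrase (symmetric) or public-key
encrypted by walking its packet headers (RFC 4880 section 4.2).
Added example; not part of gnupg.vim."""

# Packet tags relevant to the symmetric/asymmetric distinction
PKESK = 1    # Public-Key Encrypted Session Key (encrypted to a key)
SKESK = 3    # Symmetric-Key Encrypted Session Key (passphrase + S2K)
SED = 9      # Symmetrically Encrypted Data (no integrity protection)
SEIPD = 18   # Symmetrically Encrypted Integrity Protected Data

# Symmetric algorithm ids from RFC 4880 section 9.2
CIPHER_NAMES = {1: "IDEA", 2: "3DES", 3: "CAST5", 4: "BLOWFISH",
                7: "AES", 8: "AES192", 9: "AES256", 10: "TWOFISH"}


def iter_packets(data):
    """Yield (tag, body) for each packet. For partial-length packets only
    the first chunk is returned, which is enough for this classification."""
    pos = 0
    while pos < len(data):
        ctb = data[pos]
        if not ctb & 0x80:
            raise ValueError("not an OpenPGP packet header at offset %d" % pos)
        pos += 1
        if ctb & 0x40:                      # new-format header
            tag = ctb & 0x3F
            o1 = data[pos]
            pos += 1
            if o1 < 192:
                length = o1
            elif o1 < 224:
                length = ((o1 - 192) << 8) + data[pos] + 192
                pos += 1
            elif o1 == 255:
                length = int.from_bytes(data[pos:pos + 4], "big")
                pos += 4
            else:                           # partial body length
                length = 1 << (o1 & 0x1F)
        else:                               # old-format header
            tag = (ctb >> 2) & 0x0F
            ltype = ctb & 0x03
            if ltype == 3:                  # indeterminate: rest of input
                length = len(data) - pos
            else:
                n = (1, 2, 4)[ltype]
                length = int.from_bytes(data[pos:pos + n], "big")
                pos += n
        body = data[pos:pos + length]
        pos += length
        yield tag, body


def classify(data):
    """Return how the session key is protected and which cipher is used."""
    info = {"symmetric": False, "public_key": False, "cipher": None,
            "integrity_protected": None}
    for tag, body in iter_packets(data):
        if tag == SKESK:
            info["symmetric"] = True
            # SKESK v4 body: version(1) | cipher algo(1) | S2K specifier ...
            if len(body) >= 2 and body[0] == 4:
                info["cipher"] = CIPHER_NAMES.get(body[1], "algo %d" % body[1])
        elif tag == PKESK:
            info["public_key"] = True
        elif tag == SEIPD:
            info["integrity_protected"] = True
        elif tag == SED:
            info["integrity_protected"] = False
    return info


def describe(data):
    """Render the classification in the style of the plugin's log lines."""
    info = classify(data)
    if info["symmetric"] and not info["public_key"]:
        return "this file is symmetric encrypted; cipher-algo is %s" % info["cipher"]
    if info["public_key"]:
        return "this file is public-key encrypted"
    return "no session-key packet found"


# Constructed sample 1: new-format SKESK (v4, AES256, iterated+salted S2K with
# SHA256 and a made-up salt) followed by a short SEIPD packet.
SYMMETRIC_SAMPLE = (bytes.fromhex("c3 0d 04 09 03 08 0102030405060708 60")
                    + bytes.fromhex("d2 09 01 1122334455667788"))

# Constructed sample 2: old-format PKESK (v3, made-up key id, RSA, tiny MPI)
# followed by the same kind of SEIPD packet.
PUBKEY_SAMPLE = (bytes.fromhex("84 0e 03 a1a2a3a4a5a6a7a8 01 0010 abcd")
                 + bytes.fromhex("d2 09 01 1122334455667788"))

if __name__ == "__main__":
    print(describe(SYMMETRIC_SAMPLE))
    print(describe(PUBKEY_SAMPLE))
```

Running the block on a real file (`classify(open(path, "rb").read())`) shows why the pinentry/gpg-agent cache never helps here: when the first packet is tag 3 there is no key for the agent to unlock, and gpg has to ask for the passphrase itself on every decrypt and every encrypt.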

@akostadinov
Author

Yes, it is an existing file. I can see how it makes sense to avoid saving your password with asymmetric encryption. But for my use case, I believe the implications are different.
Especially in the asymmetric case, the password is much more valuable than the data, whereas in the symmetric use case the password is worthless if you give up the data (assuming password reuse is not involved).

Would it be possible to have saving of the password enabled by a configuration switch? It would only need to be done for symmetric encryption?
