No, this is not what this method does. It performs two kinds of authentication for the specified user - password authentication (just like Login(userName, password)) and publickey authentication (just like Login(userName, privateKey)). This is needed for user accounts configured to require the client to perform both of these authentication. This kind of configuration is not very common. Usually, you either need to call Login(userName, password) and Login(userName, privateKey).
Username and password are not encrypted with the private key. However, SFTP runs over SSH, which means they are transmitted over a secure and encrypted SSH channel that has been established during the Connect method. To determine how exactly the SSH session has been secured, see Sftp.Session.Cipher object. For additional information about the kind of security offered by SSH, see 'Introduction' in RFC 4521. Also, don't forget to validate the server's public key fingerprint before authenticating to make sure you are connecting to the desired server. See Server verification for details.