I am also curious, because this makes very little sense to me. Is the author worried that he'll get pwned when opening random Keepass files he found on the internet?
More likely a page getting swapped out and password remaining somewhere. Indeed, Python doesn't have builtin[1] means to do, say, mlock(2) on str objects, or assure their contents will be zeroed after variable's not used anymore.
[1] upd: besides ctypes, but not sure if we can consider this builtin or not...
[1] upd: besides ctypes, but not sure if we can consider this builtin or not...