by splitdisk 3886 days ago
I always had a feeling that KeePass was likely not much better than a flat text file, or piece of paper with all my passwords on it. Thank you for confirming this.
2 comments

It's much harder to inject code into a running process and steal information, assuming the user entered the encryption key and didn't close the app in time, than to just look for all text files on the computer and read them.
True, thank you for this clarification. I myself use KeePass but it's more for convenience of password generation and storage than anything else.
Not sure how your comparison relates to this article. It's a completely different attack vector.

I, for one, will keep using KeePass and sync my database between devices via cloud services.