I was curious about KeePass as well, so I downloaded the source. I haven't done anything resembling a source audit, so I can't speak to implementation flaws, but the design seems solid (to my admittedly amateur eyes).
KeePass databases are AES-encrypted with a 256-bit key. The key is generated from your passphrase with a user-configurable number of bcrypt rounds, followed by a single SHA-256 round, to reduce it to the 256 bits needed by AES.
KeePass databases are AES-encrypted with a 256-bit key. The key is generated from your passphrase with a user-configurable number of bcrypt rounds, followed by a single SHA-256 round, to reduce it to the 256 bits needed by AES.