Just make sure you're using the latest version and set cryptmethod=blowfish2!
Edit: Actually just use gnupg.vim - as nknighthb has explained the UX is just as good as vim's builtin encryption, and then you don't have to worry that this whole thread about vim's builtin encryption was predicated with "...if implemented properly...", which you certainly can't take for granted.
And then reflect on the fact that you're still using a joke of a "KDF". SHA256 1001 times? Really? (And it doesn't even so much as have provision for upping the number of iterations!)
Like TFA says, don't roll your own crypto. GnuPG exists for a reason.
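The complaint above about a fixed 1001-round SHA-256 stretch with no way to raise the count, as an added example that is not code from this thread or from Vim: `fixed_sha256_stretch` is a simplified stand-in for that kind of construction, and the `KDF1` header layout, the function names and the iteration bounds are assumptions made for illustration.

```python
import hashlib
import os
import struct

FIXED_ROUNDS = 1001  # the count quoted in the comment above


def fixed_sha256_stretch(password: bytes, salt: bytes) -> bytes:
    """Simplified stand-in for a hard-coded iterated-SHA256 'KDF'.

    The cost is a compile-time constant: every file ever written is
    stuck with it, however fast guessing hardware becomes.
    """
    digest = hashlib.sha256(salt + password).digest()
    for _ in range(FIXED_ROUNDS - 1):
        digest = hashlib.sha256(digest + salt).digest()
    return digest


MAGIC = b"KDF1"                  # hypothetical header tag
MIN_ITER, MAX_ITER = 100_000, 10_000_000  # assumed policy bounds


def new_header(iterations: int) -> bytes:
    """Header = magic | iterations (uint32, big-endian) | 16-byte salt."""
    if not MIN_ITER <= iterations <= MAX_ITER:
        raise ValueError("iteration count outside policy bounds")
    return MAGIC + struct.pack(">I", iterations) + os.urandom(16)


def derive_key(password: bytes, header: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 with the work factor read from the file header.

    Old files keep decrypting with their stored count; new files can be
    written with a higher one. The bounds reject a header edited to a
    trivially low count (downgrade) or an absurdly high one (DoS).
    """
    if len(header) != 24 or header[:4] != MAGIC:
        raise ValueError("unrecognised KDF header")
    (iterations,) = struct.unpack(">I", header[4:8])
    if not MIN_ITER <= iterations <= MAX_ITER:
        raise ValueError("iteration count outside policy bounds")
    return hashlib.pbkdf2_hmac("sha256", password, header[8:], iterations, dklen=32)


if __name__ == "__main__":
    hdr = new_header(600_000)
    print("tunable key:", derive_key(b"correct horse", hdr).hex())
    print("fixed key:  ", fixed_sha256_stretch(b"correct horse", hdr[8:]).hex())
```

In a real file format the header would also be authenticated together with the ciphertext, so that a modified count or salt is detected rather than just bounded.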