Posted December 26, 2015
Sure running known software means you're more likely to get pwned. But for cracking KeePass someone would most likely need to either a) get your keepass file and password or b) get malware on your computer which includes a keylogger.
Either way, if you get that far, you're SOL. If your passwords reside in a plain text file somewhere, anyone with malware monitoring your computer could likely tell the file is opened shortly before password entries are made and certainly read the passwords for various things as you enter/paste them.
Security through obscurity is often cited as a horrible thing. If it's your only line of defense (password file) then yes, it's horrible. If it's combined with some good actual security, it suddenly starts making more sense. A way to increase security for KeePass and other security software would be for people to compile it themselves, having a build script create executables with different names and locations for different people, maybe some code-based salt added to the file scheme. That's about as safe as you can get unless you take it completely off your computer.