An attacker may be able to read the unencrypted swap space on disk. In this scenario it makes sense to encrypt passwords in memory and store the key in a locked page.
This isn't true anymore. Newer versions store a SHA-256 hash of the header inside the encrypted XML. At least KeePass >= 2.20 and KeePassX 2.0 >= alpha3 support this. I haven't checked other implementations.
An attacker may be able to read the unencrypted swap space on disk. In this scenario it makes sense to encrypt passwords in memory and store the key in a locked page.
This isn't true anymore. Newer versions store a SHA-256 hash of the header inside the encrypted XML. At least KeePass >= 2.20 and KeePassX 2.0 >= alpha3 support this. I haven't checked other implementations.