Ok thats a bit safer, but still not fully. You have to always assume your pc has been hacked. Anything on that pc is up for grabs, as soon as keepass unencrypts in memory, and has all your passwords there while it chooses which one it needs, or if it only pulls the one and decrypts it. i can still use a memory leak exploit thats in almost every piece of software for windows, and now i still have the password you were trying to hide and keep secure. passwords themselfs are inherently insecure. thats why the security field is trying to get rid of them. as far as practice goes. i would say offline encrypted passwords is second to using your brain as the vault. but i hope everybody learns from this and stops using online password managers.