Let me be the punk in this thread and be a little provocative:
Imagine my $HOME gets hacked.
Password for my mail account? I don't type it in, and as far as I can see, most other users also store it inside their mail client's configuration. Our hacker can easily go through those mails and use the "password forgotten" option!
Here we could already stop thinking, but anyway:
A password used for online shopping? Think over how many shops really have a clue about data handling, and you will seldom use accounts on their platforms, but order as a guest wherever possible. Maybe you're even choosing a different dealer to avoid being forced to use an account.
Passwords for my servers? I wouldn't go with a password-based login on a server. But our hacker now also has my certificates.
Online banking? Shouldn't nowadays be possible with just a mail address and a password.
So it doesn't matter if my passwords are encrypted or not, a plain text file does it. Anything you can reach by your computer is as safe as the weakest part of it. If a hacker has reached my $HOME there will be no difference if I'm using something like KeePass: I've got to assume that none of my passwords is safe anymore. And that file wouldn't be my basic problem…
Does someone really think a hacker would say "holy crap, this dude uses KeePass, so I have no chance"? My passwords are stored inside a database. It will take some time for someone else to figure out how the things in that database match together (and it's not named like "db4pw" etc.), but: Unencrypted.
But I've got something like KeePass: It's my $HOME on my computer. And that account already has a master password! But I wouldn't feel well if I used, e.g., Windows and had no clue whether my data is also stored on some cloud machines (after all, they always say they have to check all this out for my safety).