But it's still valuable. I'm not really too worried about client side security, I keep my machine on lockdown, I use ProcessGuard for example so that no app I don't tell to run can ever run. I am, however, worried about the security of the places that have my password. Even retards like Visa that you would think should be really secure are incredibly incompetent about computer security and are constantly losing everyone's account info to the Russians.
To slightly protect myself from host-side security breaches, I use a different password on every site. I used to just keep track of that by hand, but that's a pain in the butt (and most of my random passwords where turning into asdlkfgj - only slightly semirandom, you can see the left to right hand swipe). So what KeePass is actually good for is generating random passwords and remembering all the damn passwords for all the damn sites for you.
One thing it doesn't have is automatic entry generation when you register for the first time with a site. That would be pretty easy to code and make it much nicer to use.