Now sure if PasswordSafe allows using key file, as sbov mentioned above for Keepass, but if it's properly implemented, and you didn't put the key file into Dropbox, it would be pretty much impossible to brute force.