I saw that KeePass not only encrypts its password-database-file, it also can encrypt the passwords it holds in memory. This is just an example. I thinking of a new project dealing with sensitve / personal data and now I ask myself if I should encrypt the data hold in memory, too. This project would be implemented with Java SE and an additional android application. There will be no data stored in the cloud or on a server in this special case. Data from android will be imported by the Java SE Desktop application via cable connection.
But why is this necessary at all? Don't modern operating systems work with virtual memory management so that it is not possible for user-space / user-mode processes to access other processes memory?
Is it just another defense line if there is an OS vulnerability making foreign memory access possible? In that case I think it would be much easier to steal the data file and use a key-logger to catch the password the user enters instead of stealing the data through memory access.